> -----Original Message----- > From: Paul Wouters [mailto:p...@nohats.ca] > Sent: April-11-16 3:18 PM > To: Jacques Latour > Cc: Olafur Gudmundsson; dnsop > Subject: Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-maintain- > ds > > On Fri, 8 Apr 2016, Jacques Latour wrote: > > > two things I see; > > > > 1) the CDNSKEY, since CDS and CDSNKEY are used interchangeably in the > > document, "inserts the corresponding DS RRset as requested" does not > > work for the CDNSKEY, the parental agent must compute a DS and pick an > algorithm & digest type based on the Parental Agent policy. > > Agreed. We will fix it in the next version. > > > 2) if the parental agent does not 'like' the requested CDS parameters, > > then the parental agent can create a DS as per Parental agent policy, with > algorithm & digest type of choosing. > > > > This supports parental agent that publish the DS as requested by the > > child, and support parental agent that want to publish DS conform to their > policies. > > If the child uses CDS, and requests a DS type, and the parent does not like > the DS type, I think the parent should refuse the update.
Exactly, it's a parent policy issue and should not part of this document. Perhaps in more suitable in dnsoperator-to-rrr-protocol draft? Jack _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
