As mentioned at the very end of DNSOP, Olafur Gudmundsson, Ondrej Sury, Paul Wouters and I have a draft published that aims to document the steps involved with deploying a new cryptographic algorithm for DNSSEC. The overall goal is to make it easier to get new DNSSEC crypto algorithms deployed, both through documenting existing steps - and then potentially building off of this work with new documents to improve some of the steps. Right now we'd like to get ECDSA out, but EdDSA is coming out soon and it would be great to get that deployed sooner rather than later.
As I said in the session, we'd like to get reviewers and then get the document adopted by the WG and moved along toward publication. The draft is at either of: https://datatracker.ietf.org/doc/draft-york-dnsop-deploying-dnssec-crypto-algs/ https://tools.ietf.org/html/draft-york-dnsop-deploying-dnssec-crypto-algs-04 Please send any comments to the list or to us as authors. I also am maintaining this over in Github at: https://github.com/danyork/draft-deploying-dnssec-crypto-algs If you are a Github user you are welcome to file an issue there or send text in a pull request. Regardless, we'd just like any feedback (even if to say that it looks good). Thanks, Dan -- Dan York Senior Content Strategist, Internet Society y...@isoc.org<mailto:y...@isoc.org> +1-802-735-1624 Jabber: y...@jabber.isoc.org<mailto:y...@jabber.isoc.org> Skype: danyork http://twitter.com/danyork http://www.internetsociety.org/
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
