Mikael, the operation of the root zone and signing of the root zone is in the ICANN/IANA bailiwick. Therefore most of the relevant document to the RZ DNSSEC operations can be found at https://www.iana.org/dnssec/ and the document you are most interested in is here: http://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.html + the files https://www.iana.org/dnssec/files
It might be worth letting them know if you feel that the documentation is incomplete or inaccurate. ~~~ As a side note for dnsop: It might be worthwhile to either revive draft-ietf-dnsop-dnssec-trust-anchor as Informational or let the IANA adopt that as an IANA document. Cheers, -- Ondřej Surý -- Technical Fellow -------------------------------------------- CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC Milesovska 5, 130 00 Praha 3, Czech Republic mailto:ondrej.s...@nic.cz https://nic.cz/ -------------------------------------------- ----- Original Message ----- > From: "Mikael Abrahamsson" <swm...@swm.pp.se> > To: "Ondřej Surý" <ondrej.s...@nic.cz> > Cc: "dnsop" <dnsop@ietf.org> > Sent: Thursday, 17 November, 2016 02:45:24 > Subject: Re: [DNSOP] DNSSEC operational issues long term > On Thu, 17 Nov 2016, Ondřej Surý wrote: > >> Again, you are using unfair arguments. The devices have to cope with >> that and it doesn't have to be a protocol design. > > Agreed. It can also be method design. There have been some suggestions in > this thread for ways to handle the problem. I have not seen any that is > actually an RFC, preferrably a BCP type document that descibes the problem > and suggests how it can be handled. > > Or is there a document I have missed I can point vendors and IETF people > to, to understand and handle this DNSSEC property (that doesn't seem to be > well known, I talked to several people this morning who had no idea this > DNSSEC limitation existed). > > -- > Mikael Abrahamsson email: swm...@swm.pp.se _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
