Thank you.
These were clearly nits (not substantive changes), and so I just went
ahead and incorporated / addressed them in the GitHub repo:
https://github.com/APNIC-Labs/draft-kskroll-sentinel

Thank you!
W
On Thu, Jul 5, 2018 at 1:49 PM Bob Harold <rharo...@umich.edu> wrote:
>
>
> On Mon, Jul 2, 2018 at 4:17 PM <internet-dra...@ietf.org> wrote:
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts 
>> directories.
>> This draft is a work item of the Domain Name System Operations WG of the 
>> IETF.
>>
>>         Title           : A Root Key Trust Anchor Sentinel for DNSSEC
>>         Authors         : Geoff Huston
>>                           Joao Silva Damas
>>                           Warren Kumari
>>         Filename        : draft-ietf-dnsop-kskroll-sentinel-15.txt
>>         Pages           : 21
>>         Date            : 2018-07-02
>>
>> Abstract:
>>    The DNS Security Extensions (DNSSEC) were developed to provide origin
>>    authentication and integrity protection for DNS data by using digital
>>    signatures.  These digital signatures can be verified by building a
>>    chain of trust starting from a trust anchor and proceeding down to a
>>    particular node in the DNS.  This document specifies a mechanism that
>>    will allow an end user and third parties to determine the trusted key
>>    state for the root key of the resolvers that handle that user's DNS
>>    queries.  Note that this method is only applicable for determining
>>    which keys are in the trust store for the root key.
>>
>>    [ This document is being collaborated on in Github at:
>>    https://github.com/APNIC-Labs/draft-kskroll-sentinel.  The most
>>    recent version of the document, open issues, etc should all be
>>    available here.  The authors (gratefully) accept pull requests.  RFC
>>    Editor, please remove text in square brackets before publication. ]
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-dnsop-kskroll-sentinel/
>>
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-ietf-dnsop-kskroll-sentinel-15
>> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-kskroll-sentinel-15
>>
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-kskroll-sentinel-15
>>
>
> More nits:
>
> 2.2. Special Processing
>
> (last paragraph)
> "exactly as if the mechanism described in this document was not
> implemented or disabled."
>
> That is a little confusing, the "not" could apply to "disabled".
> Better to end with "was disabled or not implemented" or "was not implemented 
> or was disabled"
>
>
> 4. Sentinel Tests from Hosts with More than One Configured Resolve
>
> "Resolve" -> "Resolver"
>
> --
> Bob Harold
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to