Belated thanks for your feedback. I will proceed with the authors for the next step to submit the draft to the IESG for publication.
Best, -- Benno On 10/07/2019 23:41, bert hubert wrote: > On Wed, Jul 10, 2019 at 10:56:26PM +0200, Benno Overeinder wrote: >> >From the feedback on the mailing list, the chairs believe that all >> feedback and comments have been addressed by the authors, either in the >> draft or on the mailing list. > > With tremendous apologies for not spending a second on this draft earlier, I > do miss one sentence. But first, let me state that I (and the camel) are > elated that this draft actually obsoletes documents and doesn't add > substantially to the pagecount, or might even reduce it (!). > > The sentence I miss comes after this first paragraph: > > TSIG was originally specified by [RFC2845]. In 2017, two nameservers > strictly following that document (and the related [RFC4635]) were > discovered to have security problems related to this feature. The > implementations were fixed but, to avoid similar problems in the > future, the two documents were updated and merged, producing this > revised specification for TSIG. > > While TSIG implemented according to this RFC provides for enhanced > security, there are no changes in interoperability. TSIG is on the wire > still the same mechanism, only checking semantics have been changed. > Please see section 10.1 for further details. > > Rationale for this new paragraph is that it will save like 10000 questions > on if this TSIG is compatible with the old TSIG, or if software X implements > RFC9xxx TSIG or the old one, and if there is fallback etc. > > I fully realize how late my suggestion is. > >> This starts a Working Group Last Call process of three weeks and ends >> on: 31 July 2019. > > I'm very much in favour of this cleanup and I applaud the authors for doing > the hard work to make it happen. > > Bert > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
