Thank you, I have requested IETF LC be started on this document. W
On Thu, Apr 11, 2024 at 9:03 AM, Peter Thomassen <pe...@desec.io> wrote: > Dear DNSOP, > > Here's a quick change log, all are editorial: > > - Editorial changes from AD Review > - Updated implementation section > - Change capitalization of terms from terminology section (from WGLC) > > Peter > > On 4/11/24 14:59, internet-dra...@ietf.org wrote: > > Internet-Draft draft-ietf-dnsop-dnssec-bootstrapping-08.txt is now > available. It is a work item of the Domain Name System Operations (DNSOP) > WG of the IETF. > > Title: Automatic DNSSEC Bootstrapping using Authenticated Signals from the > Zone's Operator Authors: Peter Thomassen > Nils Wisiol > Name: draft-ietf-dnsop-dnssec-bootstrapping-08.txt Pages: 17 > Dates: 2024-04-11 > > Abstract: > > This document introduces an in-band method for DNS operators to publish > arbitrary information about the zones they are authoritative for, in an > authenticated fashion and on a per-zone basis. The mechanism allows managed > DNS operators to securely announce DNSSEC key parameters for zones under > their management, including for zones that are not currently securely > delegated. > > Whenever DS records are absent for a zone's delegation, this signal > enables the parent's registry or registrar to cryptographically validate > the CDS/CDNSKEY records found at the child's apex. The parent can then > provision DS records for the delegation without resorting to out-of-band > validation or weaker types of cross-checks such as "Accept after Delay". > > This document deprecates the DS enrollment methods described in Section 3 > of RFC 8078 in favor of Section 4 of this document, and also updates RFC > 7344. > > [ Ed note: This document is being collaborated on at https://github.com/ > desec-io/draft-ietf-dnsop-dnssec-bootstrapping/ > (https://github.com/desec-io/draft-ietf-dnsop-dnssec-bootstrapping/). The > authors gratefully accept pull requests. ] > > The IETF datatracker status page for this Internet-Draft is: https:// > datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-bootstrapping/ > > There is also an HTML version available at: > https://www.ietf.org/archive/id/draft-ietf-dnsop-dnssec-bootstrapping-08. > html > > A diff from the previous version is available at: > https://author-tools.ietf.org/ > iddiff?url2=draft-ietf-dnsop-dnssec-bootstrapping-08 > > Internet-Drafts are also available by rsync at: > rsync.ietf.org::internet-drafts > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > > -- > Like our community service? 💛 > Please consider donating at > > https://desec.io/ > > deSEC e.V. > Kyffhäuserstr. 5 > 10781 Berlin > Germany > > Vorstandsvorsitz: Nils Wisiol > Registergericht: AG Berlin (Charlottenburg) VR 37525 > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
