Colleagues,
The new WGLC on draft-ietf-dnsop-zoneversion is now closed. The authors have
incorporated all the revisions requested by our AD and the WG, and we see
consensus to advance it for publication.
Thanks all for your feedback and patience.
Suzanne (for the chairs)
On May 7, 2024, at 1
Hi Paul,
On 5/17/24 20:45, Paul Wouters wrote:
# Section 2
OLD
The DS enrollment methods described in Section 3 of [RFC8078] are
deprecated and SHOULD NOT be used. Child DNS operators and parental
agents who wish to use CDS/CDNSKEY records for initial DS enrollment
SHOULD instead s
[ Apologies for the wide distribution - I sent the original request to
multiple WGs, and so figured this announcement should go to the same. ]
Hi all,
First, huge thanks to everyone who volunteered to serve as chairs for the
(in the process of being chartered) DELEG WG.
We had a large selection
On Fri, 17 May 2024, Peter Thomassen wrote:
Proposed text:
# Abstract
OLD
This document deprecates the DS enrollment methods described in
Section 3 of RFC 8078 in favor of Section 4 of this document, and
also updates RFC 7344.
NEW
This document establishes the DS enrollment method
Hi Murray,
On 5/16/24 12:59, Peter Thomassen wrote:
I support Paul's DISCUSS especially with respect to Section 2. It's peculiar
to say a past process is obsolete and you SHOULD NOT use it, because then
continuing to use it is technically still supported by this document. Don't we
want to say
Hi Joe,
On 5/17/24 10:39, jab...@strandkip.nl wrote:
The Terminology section says:
Signaling domain: A hostname from the child's NS RRset, prefixed
with the label _signal.
Defining a hostname with an alias containing the word "domain" does not
prevent the confusion though (as in my cas
Hi Paul,
Thanks once more. Suggested changes and other comments below. Text edits can be
previewed in this PR:
https://github.com/desec-io/draft-ietf-dnsop-dnssec-bootstrapping/pull/16/commits
On 5/17/24 04:15, Paul Wouters wrote:
Section 2:
The DS enrollment methods described in
Hi Éric,
Thank you for your comments. Associated changes will be included in revision
-10, and can be previewed at
https://github.com/desec-io/draft-ietf-dnsop-dnssec-bootstrapping/pull/16/commits/e7bece2158440c5ed5b221fd8a312ac8f171.
On 5/16/24 15:52, Éric Vyncke via Datatracker wrote:
#
On May 17, 2024, at 04:15, Paul Wouters wrote:
>>> Section 4.1.1:
>>>
>>> It is not clear to me if the "signaling domain" really has to be
>>> its own zone or not. eg:
>>>
>>> _dsboot.example.co.uk._signal.ns1.example.net
>>>
>>> Could this be signed using the DNSKEY of "example.net", or does
