Protocol Action: Simple Secure Domain Name System (DNS) Dynamic Update to Proposed Standard
The IESG <iesg-secretary@ietf.org> Tue, 10 October 2000 19:17 UTC
Received: from psg.com (psg.com [147.28.0.62]) by ietf.org (8.9.1a/8.9.1a) with SMTP id PAA11310 for <dnsext-archive@lists.ietf.org>; Tue, 10 Oct 2000 15:17:17 -0400 (EDT)
Received: from lserv by psg.com with local (Exim 3.16 #1) id 13j4bo-0008HL-00 for namedroppers-data@psg.com; Tue, 10 Oct 2000 11:58:40 -0700
Received: from rip.psg.com ([147.28.0.39]) by psg.com with esmtp (Exim 3.16 #1) id 13j4bn-0008HF-00 for namedroppers@ops.ietf.org; Tue, 10 Oct 2000 11:58:39 -0700
Received: from randy by rip.psg.com with local (Exim 3.16 #1) id 13j4bn-0006cf-00 for namedroppers@ops.ietf.org; Tue, 10 Oct 2000 11:58:39 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <200010101851.OAA10587@ietf.org>
To: IETF-Announce:;
Cc: RFC Editor <rfc-editor@isi.edu>
Cc: Internet Architecture Board <iab@isi.edu>
Cc: namedroppers@ops.ietf.org
From: The IESG <iesg-secretary@ietf.org>
Subject: Protocol Action: Simple Secure Domain Name System (DNS) Dynamic Update to Proposed Standard
Date: Tue, 10 Oct 2000 14:51:48 -0400
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
Content-Transfer-Encoding: 7bit
The IESG has approved the following Internet-Drafts as Proposed Standards: Simple Secure Domain Name System (DNS) Dynamic Update <draft-ietf-dnsext-simple-secure-update-02.txt>, obsoleting RFC2137. Domain Name System Security (DNSSEC) Signing Authority <draft-ietf-dnsext-signing-auth-02.txt>, updating RFC2535. These documents are the product of the DNS Extensions Working Group. The IESG contact persons are Erik Nordmark and Thomas Narten. Technical Summary The first document specifies a method for performing secure Domain Name System (DNS) dynamic updates. The method described is intended to be flexible and useful while requiring as few changes to the protocol as possible. The authentication of the dynamic update message is separate from later DNSSEC validation of the data. Secure communication based on authenticated requests and transactions is used to provide authorization. The second document specifies a revised model of Domain Name System Security (DNSSEC) Signing Authority. The revised model is designed to clarify earlier documents and add additional restrictions to simplify the secure resolution process. Specifically, this affects the authorization of keys to sign sets of records. Working Group Summary There was WG consensus to advance these documents. Protocol Quality The specifications have been reviewed for the IESG by Erik Nordmark. to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body.