IETF Logo Mail Archive

Re: [dnsext] [Editorial Errata Reported] RFC6840 (4191)

Olafur Gudmundsson <ogud@ogud.com> Tue, 02 December 2014 21:07 UTC

Return-Path: <ogud@ogud.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 045A41A8766 for <dnsext@ietfa.amsl.com>; Tue, 2 Dec 2014 13:07:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bZyZ0_-gjqwi for <dnsext@ietfa.amsl.com>; Tue, 2 Dec 2014 13:07:18 -0800 (PST)
Received: from smtp107.ord1c.emailsrvr.com (smtp107.ord1c.emailsrvr.com [108.166.43.107]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50F6B1A7015 for <dnsext@ietf.org>; Tue, 2 Dec 2014 13:06:50 -0800 (PST)
Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp14.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id 7F7403803A5; Tue, 2 Dec 2014 16:06:49 -0500 (EST)
X-Virus-Scanned: OK
Received: by smtp14.relay.ord1c.emailsrvr.com (Authenticated sender: ogud-AT-ogud.com) with ESMTPSA id E3E073802E0; Tue, 2 Dec 2014 16:06:47 -0500 (EST)
X-Sender-Id: ogud@ogud.com
Received: from [10.20.30.43] (pool-74-96-189-180.washdc.fios.verizon.net [74.96.189.180]) (using TLSv1 with cipher DHE-RSA-AES256-SHA) by 0.0.0.0:465 (trex/5.3.2); Tue, 02 Dec 2014 21:06:49 GMT
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Olafur Gudmundsson <ogud@ogud.com>
In-Reply-To: <547E1F3F.5040400@innovationslab.net>
Date: Tue, 02 Dec 2014 16:06:45 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <792B8DE9-6E5A-4638-8D5B-5A12B15E680D@ogud.com>
References: <20141202163646.E4BFC18123F@rfc-editor.org> <547E1F3F.5040400@innovationslab.net>
To: Brian Haberman <brian@innovationslab.net>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsext/FSxcDFbVInqXjK5pOYNhti93jZM
Cc: edward.lewis@icann.org, dnsext@ietf.org, ted.lemon@nominum.com, RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [dnsext] [Editorial Errata Reported] RFC6840 (4191)
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Dec 2014 21:07:23 -0000

I agree the text Ed supplied is clearer to outsiders and has the same meaning to 
insiders as the original text. 
I recommend you approve the errata. 

Olafur

> On Dec 2, 2014, at 3:21 PM, Brian Haberman <brian@innovationslab.net> wrote:
> 
> Despite Donald's assertion, I think this is a valid erratum and should
> be marked Verified.  However, I will wait for others to chime in on the
> subject before doing so.
> 
> Regards,
> Brian
> 
> On 12/2/14 11:36 AM, RFC Errata System wrote:
>> The following errata report has been submitted for RFC6840,
>> "Clarifications and Implementation Notes for DNS Security (DNSSEC)".
>> 
>> --------------------------------------
>> You may review the report below and at:
>> http://www.rfc-editor.org/errata_search.php?rfc=6840&eid=4191
>> 
>> --------------------------------------
>> Type: Editorial
>> Reported by: Edward Lewis <edward.lewis@icann.org>
>> 
>> Section: 5.11
>> 
>> Original Text
>> -------------
>> ...
>> 
>> A signed zone MUST include a DNSKEY for each algorithm present in
>>      the zone's DS RRset and expected trust anchors for the zone.  The
>>      zone MUST also be signed with each algorithm (though not each key)
>>      present in the DNSKEY RRset.  
>> 
>> Corrected Text
>> --------------
>> A signed zone MUST include a DNSKEY for each algorithm present in
>>      the zone's DS RRset and expected trust anchors for the zone.  Each
>>      authoritative RRset in the zone MUST be signed with each 
>>      algorithm (though not each key) present in the DNSKEY RRset.  
>> 
>> Notes
>> -----
>> Zones aren't signed (per se), the data sets within them are.  But not cut point (NS) and glue.
>> 
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". If necessary, please
>> use "Reply All" to discuss whether it should be verified or
>> rejected. When a decision is reached, the verifying party (IESG)
>> can log in to change the status and edit the report, if necessary. 
>> 
>> --------------------------------------
>> RFC6840 (draft-ietf-dnsext-dnssec-bis-updates-20)
>> --------------------------------------
>> Title               : Clarifications and Implementation Notes for DNS Security (DNSSEC)
>> Publication Date    : February 2013
>> Author(s)           : S. Weiler, Ed., D. Blacka, Ed.
>> Category            : PROPOSED STANDARD
>> Source              : DNS Extensions
>> Area                : Internet
>> Stream              : IETF
>> Verifying Party     : IESG
>> 
>

v2.23.0 | Report a Bug | By Email