Re: [DNSOP] additional documents for draft-ietf-dnsop-dnssec-bcp

Paul Wouters <paul@nohats.ca> Wed, 13 April 2022 18:49 UTC

Date: Wed, 13 Apr 2022 14:49:34 -0400
From: Paul Wouters <paul@nohats.ca>
To: Tim Wicinski <tjw.ietf@gmail.com>
cc: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1YwKapH2xHyg5n3Q1akLjDNvO8k>

On Wed, 13 Apr 2022, Tim Wicinski wrote:

[speaking as individual contributor]

> Subject: [DNSOP] additional documents for draft-ietf-dnsop-dnssec-bcp

> During the call for adoption, a few folks mentioned other DNSSEC documents (7129 comes to mind).  While I trust Mr. Hoffman's
> attention to detail, I wanted to do a quick check to make sure nothing slipped by. 
> 
> I pulled this list from rfc-editor.org of every RFC with DNSSEC as a keyword or in the title. 
> 
> https://gist.github.com/moonshiner/0746776f2351ae9c8e3edb3373ee39c6
> 
> The ones marked "No" were made by me. Feel free to say otherwise. 
> 
> However, I left 8 RFCs undecided.  If the WG has any opinions on those, please feel free to speak up. 

If we do it as both a reference of DNSSEC and a BCP, then I think we should add:

RFC 8901 	Multi-Signer DNSSEC Models
RFC 8027 a.k.a. BCP 207 	DNSSEC Roadblock Avoidance
RFC 7583 	DNSSEC Key Rollover Timing Considerations
RFC 7129 	Authenticated Denial of Existence in the DNS
RFC 4470 	Minimally Covering NSEC Records and DNSSEC On-line Signing

I would not include these that you included:

RFC 9157 	Revised IANA Considerations for DNSSEC [It's IETF administrivia]
RFC 6014 	Cryptographic Algorithm Identifier Allocation for DNSSEC [It's IETF administrivia]
RFC 5933 	Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC [Algo is dead]

Otherwise, I agree with you.

Paul