IETF Logo Mail Archive

[DNSOP] I-D Action: draft-ietf-dnsop-multi-provider-dnssec-05.txt

internet-drafts@ietf.org Sun, 19 April 2020 15:24 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 535243A09AD; Sun, 19 Apr 2020 08:24:03 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: dnsop@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.127.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dnsop@ietf.org
Message-ID: <158730984326.16350.7075447864022088678@ietfa.amsl.com>
Date: Sun, 19 Apr 2020 08:24:03 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/3E5XIY2sf3Ja5IbS0zVaFWF34hQ>
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-multi-provider-dnssec-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Apr 2020 15:24:03 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.

        Title           : Multi Signer DNSSEC models
        Authors         : Shumon Huque
                          Pallavi Aras
                          John Dickinson
                          Jan Vcelak
                          David Blacka
	Filename        : draft-ietf-dnsop-multi-provider-dnssec-05.txt
	Pages           : 15
	Date            : 2020-04-19

Abstract:
   Many enterprises today employ the service of multiple DNS providers
   to distribute their authoritative DNS service.  Deploying DNSSEC in
   such an environment may present some challenges depending on the
   configuration and feature set in use.  In particular, when each DNS
   provider independently signs zone data with their own keys,
   additional key management mechanisms are necessary.  This document
   presents deployment models that accommodate this scenario and
   describe these key management requirements.  These models do not
   require any changes to the behavior of validating resolvers, nor do
   they impose the new key management requirements on authoritative
   servers not involved in multi signer configurations.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-multi-provider-dnssec/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-dnsop-multi-provider-dnssec-05
https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-multi-provider-dnssec-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-multi-provider-dnssec-05


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.23.0 | Report a Bug | By Email