[DNSOP] Protocol Action: 'A Root Key Trust Anchor Sentinel for DNSSEC' to Proposed Standard (draft-ietf-dnsop-kskroll-sentinel-17.txt)

The IESG <iesg-secretary@ietf.org> Mon, 05 November 2018 07:01 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 89E58130DEB; Sun, 4 Nov 2018 23:01:26 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.87.3
Auto-Submitted: auto-generated
Precedence: bulk
Cc: tjw.ietf@gmail.com, The IESG <iesg@ietf.org>, rfc-editor@rfc-editor.org, dnsop-chairs@ietf.org, Benno Overeinder <benno@NLnetLabs.nl>, dnsop@ietf.org, Tim Wicinski <tjw.ietf@gmail.com>, terry.manderson@icann.org, draft-ietf-dnsop-kskroll-sentinel@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <154140128654.26498.9807232139343438586.idtracker@ietfa.amsl.com>
Date: Sun, 04 Nov 2018 23:01:26 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/4Y28lAP8Rx2JkGe-gqfAXjeJlKg>
Subject: [DNSOP] Protocol Action: 'A Root Key Trust Anchor Sentinel for DNSSEC' to Proposed Standard (draft-ietf-dnsop-kskroll-sentinel-17.txt)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Nov 2018 07:01:29 -0000

The IESG has approved the following document:
- 'A Root Key Trust Anchor Sentinel for DNSSEC'
  (draft-ietf-dnsop-kskroll-sentinel-17.txt) as Proposed Standard

This document is the product of the Domain Name System Operations Working
Group.

The IESG contact persons are Warren Kumari, Ignas Bagdonas and Terry
Manderson.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-kskroll-sentinel/





Technical Summary

   The DNS Security Extensions (DNSSEC) were developed to provide origin
   authentication and integrity protection for DNS data by using digital
   signatures.  These digital signatures can be verified by building a
   chain of trust starting from a trust anchor and proceeding down to a
   particular node in the DNS.  This document specifies a mechanism that
   will allow an end user and third parties to determine the trusted key
   state for the root key of the resolvers that handle that user's DNS
   queries.  Note that this method is only applicable for determining
   which keys are in the trust store for the root key.

Working Group Summary

This document has had a short history, and came about while working with ICANN on
  the KSK rollover process, as a way to assist tracking the addition and removal of DNSSEC
  keys. 

Document Quality

There are two different implementations of the design. 

Personnel

Document Shepherd: Tim Wicinski 

Responsible Area Director: Terry Manderson