Re: [DNSOP] RFC 6781 Errata?

Matthijs Mekking <matthijs@pletterpet.nl> Wed, 02 May 2018 08:35 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/BZtQXuydfwq1C2YXBuK98H3_Fcw>

I think the line:

     After that DS RR has been
     published on all servers authoritative for the parent's zone, the
     zone administrator has to wait at least TTL_DS to make sure that
     the old DS RR has expired from caches.

Could be part of the 'DS change' step.

It qualifies as an errata IMHO.

Best regards,
Matthijs


On 04/26/2018 04:15 PM, Matthew Pounsett wrote:
> I've found some confusing text in the KSK Rollover section of RFC 6781, 
> and I'm trying to decide whether to submit it as errata.
> 
> In section 4.1.2, which describes the various steps in a KSK rollover, 
> the following text is meant to describe the last three steps:
> 
>         new DNSKEY:  During the "new DNSKEY" phase, the zone administrator
>            generates a second KSK, DNSKEY_K_2.  The key is provided to the
>            parent, and the child will have to wait until a new DS RR has been
>            generated that points to DNSKEY_K_2.  After that DS RR has been
>            published on all servers authoritative for the parent's zone, the
>            zone administrator has to wait at least TTL_DS to make sure that
>            the old DS RR has expired from caches.
> 
>         DS change:  The parent replaces DS_K_1 with DS_K_2.
> 
>         DNSKEY removal:  DNSKEY_K_1 has been removed.
> 
> 
> The text for the "new DNSKEY" step seems to contain text that belongs in 
> the other two.  Even though rearranging it wouldn't change the meaning, 
> it's not clear to me that this qualifies as simple errata... it's 
> obviously too big a change to just be fixing a typo.
> 
> Thoughts on whether I should submit it?
> 
> Or maybe we just put it on the pile of things that have come up recently 
> that speak to a 6781-bis document.
>
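
The TTL_DS wait in the quoted RFC 6781 text, written out as a check an operator could run before removing DNSKEY_K_1. This is an added example, not part of the thread or of RFC 6781; the server names, key tags, TTL and timestamps are constructed, and the observation format (the DS key tags each parent server serves, plus when it was first seen serving only the new DS) is an assumption.

```python
from datetime import datetime, timedelta, timezone

def earliest_old_dnskey_removal(observations, old_tag, new_tag, ttl_ds):
    """Return (earliest_removal_time, lagging_servers).

    observations maps each parent authoritative server to a tuple
    (ds_key_tags_served, time_first_seen_serving_only_the_new_DS).
    The TTL_DS wait starts once *every* server has made the DS change,
    so the clock runs from the slowest server, not the first one.
    """
    lagging = sorted(
        server for server, (tags, _) in observations.items()
        if old_tag in tags or new_tag not in tags
    )
    if lagging:
        # At least one server can still hand out DS_K_1: no date can be set yet.
        return None, lagging
    last_switch = max(seen for _, seen in observations.values())
    return last_switch + timedelta(seconds=ttl_ds), []

def may_remove_old_dnskey(now, observations, old_tag, new_tag, ttl_ds):
    """True only when the old DS has had TTL_DS to expire from caches."""
    earliest, _ = earliest_old_dnskey_removal(observations, old_tag, new_tag, ttl_ds)
    return earliest is not None and now >= earliest

# Constructed sample data (key tags, TTL and names are illustrative only).
OLD_TAG, NEW_TAG, TTL_DS = 11111, 22222, 86400
T0 = datetime(2018, 5, 1, 12, 0, tzinfo=timezone.utc)
ALL_SWITCHED = {
    "a.parent.example.": ({NEW_TAG}, T0),
    "b.parent.example.": ({NEW_TAG}, T0 + timedelta(hours=3)),
}
ONE_LAGGING = {
    "a.parent.example.": ({NEW_TAG}, T0),
    "b.parent.example.": ({OLD_TAG}, None),
}

if __name__ == "__main__":
    print(earliest_old_dnskey_removal(ALL_SWITCHED, OLD_TAG, NEW_TAG, TTL_DS))
    print(earliest_old_dnskey_removal(ONE_LAGGING, OLD_TAG, NEW_TAG, TTL_DS))
```

Removing DNSKEY_K_1 before this time leaves validators holding a cached DS_K_1 with no matching key, which shows up as validation failures for the child zone.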