[DNSOP] I-D Action: draft-ietf-dnsop-cds-consistency-11.txt
internet-drafts@ietf.org Thu, 11 December 2025 10:55 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from [10.244.8.105] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id B73339906053; Thu, 11 Dec 2025 02:55:08 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.54.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <176545050866.1452890.6448147026132207876@dt-datatracker-5bd94c585b-wk4l4>
Date: Thu, 11 Dec 2025 02:55:08 -0800
Message-ID-Hash: UTI56E36DIS3F4XBDBBNYQS5R4AGID2H
X-Message-ID-Hash: UTI56E36DIS3F4XBDBBNYQS5R4AGID2H
X-MailFrom: internet-drafts@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnsop@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: dnsop@ietf.org
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-cds-consistency-11.txt
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/I9jUeUHSOM_m51UIUgEliK3YfoQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
Internet-Draft draft-ietf-dnsop-cds-consistency-11.txt is now available. It is a work item of the Domain Name System Operations (DNSOP) WG of the IETF. Title: Clarifications on CDS/CDNSKEY and CSYNC Consistency Author: Peter Thomassen Name: draft-ietf-dnsop-cds-consistency-11.txt Pages: 16 Dates: 2025-12-11 Abstract: Maintenance of DNS delegations requires occasional changes of the DS and NS record sets on the parent side of the delegation. For the case of DS records, "Automating DNSSEC Delegation Trust Maintenance" (RFC 7344) provides automation by allowing the child to publish CDS and/or CDNSKEY records holding the prospective DS parameters which the parent can ingest. Similarly, "Child-to-Parent Synchronization in DNS" (RFC 7477) specifies CSYNC records to indicate a desired update of the delegation's NS (and glue) records. Parent-side entities (e.g., Registries and Registrars) can query these records from the child and, after validation, use them to update the parent- side Resource Record Sets (RRsets) of the delegation. This document specifies under which conditions the target states expressed via CDS/CDNSKEY and CSYNC records are considered "consistent". Parent-side entities accepting such records from the child have to ensure that update requests retrieved from different authoritative nameservers satisfy these consistency requirements before taking any action based on them. This document updates RFC 7344 and RFC 7477. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-dnsop-cds-consistency/ There is also an HTML version available at: https://www.ietf.org/archive/id/draft-ietf-dnsop-cds-consistency-11.html A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-dnsop-cds-consistency-11 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts
- [DNSOP] I-D Action: draft-ietf-dnsop-cds-consiste… internet-drafts