[DNSOP] I-D Action: draft-ietf-dnsop-dnssec-automation-00.txt

internet-drafts@ietf.org Tue, 24 May 2022 12:18 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A50F9C157B53; Tue, 24 May 2022 05:18:21 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: dnsop@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 8.3.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dnsop@ietf.org
Message-ID: <165339470165.57959.3746488729887468681@ietfa.amsl.com>
Date: Tue, 24 May 2022 05:18:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/MENKCvTFg3Q4PWRlj7sY5Mc910E>
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-dnssec-automation-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.34
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2022 12:18:21 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.

        Title           : DNSSEC automation
        Authors         : Ulrich Wisser
                          Shumon Huque
	Filename        : draft-ietf-dnsop-dnssec-automation-00.txt
	Pages           : 12
	Date            : 2022-05-24

   This document describes an algorithm and a protocol to automate
   DNSSEC Multi-Signer [RFC8901] "Multi-Signer DNSSEC Models" setup,
   operations and decomissioning.  Using Model 2 of the Multi-Signer
   specification, where each operator has their own distinct KSK and ZSK
   sets (or CSK sets), [RFC8078] "Managing DS Records from the Parent
   via CDS/CDNSKEY" and [RFC7477] "Child-to-Parent Synchronization in
   DNS" to accomplish this.

The IETF datatracker status page for this draft is:

There is also an HTML version available at:

Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts