[DNSOP] FW: New Version Notification for draft-mglt-dnsop-dnssec-validator-requirements-04.txt

Daniel Migault <daniel.migault@ericsson.com> Mon, 27 March 2017 14:16 UTC

Return-Path: <daniel.migault@ericsson.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9B981296D8 for <dnsop@ietfa.amsl.com>; Mon, 27 Mar 2017 07:16:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F6qhWYB8wHhV for <dnsop@ietfa.amsl.com>; Mon, 27 Mar 2017 07:16:49 -0700 (PDT)
Received: from usplmg21.ericsson.net (usplmg21.ericsson.net [198.24.6.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97289127010 for <dnsop@ietf.org>; Mon, 27 Mar 2017 07:16:49 -0700 (PDT)
X-AuditID: c6180641-c3fff70000000a06-52-58d8d8754b51
Received: from EUSAAHC006.ericsson.se (Unknown_Domain [147.117.188.90]) by (Symantec Mail Security) with SMTP id F8.54.02566.578D8D85; Mon, 27 Mar 2017 11:16:41 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC006.ericsson.se ([147.117.188.90]) with mapi id 14.03.0339.000; Mon, 27 Mar 2017 10:16:42 -0400
From: Daniel Migault <daniel.migault@ericsson.com>
To: dnsop <dnsop@ietf.org>
Thread-Topic: New Version Notification for draft-mglt-dnsop-dnssec-validator-requirements-04.txt
Thread-Index: AQHSpwQ59LntiRRPpEidsUMcUV778qGoupqQ
Date: Mon, 27 Mar 2017 14:16:36 +0000
Message-ID: <2DD56D786E600F45AC6BDE7DA4E8A8C118BB74CA@eusaamb107.ericsson.se>
References: <149062396899.30595.6360166634187605799.idtracker@ietfa.amsl.com>
In-Reply-To: <149062396899.30595.6360166634187605799.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.12]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrBLMWRmVeSWpSXmKPExsUyuXRPlG7ljRsRBis/c1vcfXOZxYHRY8mS n0wBjFFcNimpOZllqUX6dglcGe1rr7MVnJGqaOrfwdTA+EWyi5GTQ0LARGLX/07WLkYuDiGB DYwSe2d3QDnLGSUaX/1lAaliEzCSaDvUzw5iiwhISTyb9QgsLiyQKLF4SRMbRDxJ4kDXWaga I4kHl1rAbBYBVYl/h7Yzgdi8Ar4SH+4cBusVArJvTd7NCGJzCvhJrFm3D8xmFBCT+H5qDVg9 s4C4xK0n85kgLhWQWLLnPDOELSrx8vE/VghbSWLO62tAcQ6gek2J9bv0IVoVJaZ0P2SHWCso cXLmE5YJjCKzkEydhdAxC0nHLCQdCxhZVjFylBYX5OSmGxluYgSG9zEJNscdjHt7PQ8xCnAw KvHwLmC8ESHEmlhWXJl7iFGCg1lJhPcb980IId6UxMqq1KL8+KLSnNTiQ4zSHCxK4rzvyi9E CAmkJ5akZqemFqQWwWSZODilGhhLo8/HVTUwP5x24XFCqtOhrz66ik6rzgfaSHGonT9y9sel GQ13GFmrlqX9TQ1jWZkk+bJkLodEVlPTwSp3r7x1KycJvXcNzDZ/VqQqefb74+N9Vk4ZT8o3 pNdWbm3M+zyPUbiwqeej69b/3dJLnP0rdvFkhG/4URM4QTh3hp8Hj01tpwRTuxJLcUaioRZz UXEiAMHO6qdrAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/bPxzY9WQwpDOK7Dy583Zq1SsqXY>
Subject: [DNSOP] FW: New Version Notification for draft-mglt-dnsop-dnssec-validator-requirements-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2017 14:16:53 -0000

Hi, 

Please find an update of our draft on requirements for DNSSEC resolver. 

DNS resolvers hardly enable DNSSEC as 1) resolvers are not robust too DNS authoritative operations – like KSK roll over, signing errors…. – and 2) network administrators have little control on these resolvers to recover such situations.

The draft describes how invalid DNSSEC related RRsets may be considered by the resolver. The listed requirements aim at designing mechanisms as well as interactions with network managers can easily solve/avoid these situations. Such mechanisms are expected to encourage DNSSEC deployment on resolvers.

Yours, 
Daniel

-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] 
Sent: Monday, March 27, 2017 9:13 AM
To: Edward Lewis <edward.lewis@icann.org>rg>; Daniel Migault <daniel.migault@ericsson.com>om>; Dan York <york@isoc.org>rg>; york@isoc.org <york@isoc.org>
Subject: New Version Notification for draft-mglt-dnsop-dnssec-validator-requirements-04.txt


A new version of I-D, draft-mglt-dnsop-dnssec-validator-requirements-04.txt
has been successfully submitted by Daniel Migault and posted to the IETF repository.

Name:		draft-mglt-dnsop-dnssec-validator-requirements
Revision:	04
Title:		DNSSEC Validators Requirements
Document date:	2017-03-27
Group:		Individual Submission
Pages:		10
URL:            https://www.ietf.org/internet-drafts/draft-mglt-dnsop-dnssec-validator-requirements-04.txt
Status:         https://datatracker.ietf.org/doc/draft-mglt-dnsop-dnssec-validator-requirements/
Htmlized:       https://tools.ietf.org/html/draft-mglt-dnsop-dnssec-validator-requirements-04
Htmlized:       https://datatracker.ietf.org/doc/html/draft-mglt-dnsop-dnssec-validator-requirements-04
Diff:           https://www.ietf.org/rfcdiff?url2=draft-mglt-dnsop-dnssec-validator-requirements-04

Abstract:
   DNSSEC provides data integrity and authentication for DNSSEC
   validators.  However, without valid trust anchor(s) and an acceptable
   value for the current time, DNSSEC validation cannot be performed.
   This document lists the requirements to be addressed so resolvers can
   have DNSSEC validation can be always-on.

                                                                                  


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat