comments on draft-ietf-dnsop-resolver-rollover-00.txt

"Scott Rose" <scottr@antd.nist.gov> Mon, 02 July 2001 16:09 UTC

Received: from nic.cafax.se (nic.cafax.se [192.71.228.17]) by ietf.org (8.9.1a/8.9.1a) with SMTP id MAA01387 for <dnsop-archive@odin.ietf.org>; Mon, 2 Jul 2001 12:09:17 -0400 (EDT)
Received: from nic.cafax.se (localhost [127.0.0.1]) by nic.cafax.se (8.12.0.Beta13/8.12.0.Beta13) with ESMTP id f62FjgsG020493 for <dnsop-outgoing@nic.cafax.se>; Mon, 2 Jul 2001 17:45:42 +0200 (MEST)
Received: by nic.cafax.se (8.12.0.Beta13/8.12.0.Beta13) id f62FjeDC020492 for dnsop-outgoing; Mon, 2 Jul 2001 17:45:40 +0200 (MEST)
X-Authentication-Warning: nic.cafax.se: majordom set sender to owner-dnsop@cafax.se using -f
Received: from is1-55.antd.nist.gov (is1-50.antd.nist.gov [129.6.50.251]) by nic.cafax.se (8.12.0.Beta13/8.12.0.Beta13) with ESMTP id f62FjdsG020487 for <dnsop@cafax.se>; Mon, 2 Jul 2001 17:45:39 +0200 (MEST)
Received: from barnacle (barnacle.antd.nist.gov [129.6.55.185]) by is1-55.antd.nist.gov (8.9.3/8.9.3) with SMTP id LAA22221 for <dnsop@cafax.se>; Mon, 2 Jul 2001 11:45:36 -0400 (EDT)
Message-ID: <01de01c1030d$d2c887a0$b9370681@antd.nist.gov>
From: "Scott Rose" <scottr@antd.nist.gov>
To: <dnsop@cafax.se>
Subject: comments on draft-ietf-dnsop-resolver-rollover-00.txt
Date: Mon, 2 Jul 2001 11:44:04 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-dnsop@cafax.se
Precedence: bulk
Content-Transfer-Encoding: 7bit

First, I think this is a good draft to discuss more of the security
maintenance necessary once DNSSEC gets deployed on a larger scale.  However,
there are two points I would like to bring up to the group for discussion:

1.  In section 2.2, the sixth paragraph states that "During a PC-rollover [a
delegated child conducts a key rollover] the old and the new key have to
coexist in the zone and the zone must be signed with both the old and new
keys so that end-users..."  Should this "must" be a "MUST"?  I think it
would stress a key part of this feature, and would be necessary.

2.  The draft should stress that this rollover transaction should only be
used for scheduled KEY rollover.  An emergency rollover (compromised key)
would require more timely interaction and some out of band communication for
both the PC and SE rollovers.  Hard-nosed security folk will be quick to
jump on this point.

Scott

===============================================================
Scott Rose
Advanced Network Technologies Division
NIST

ph: 301-975-8439                       fax: 301-590-0932
http://www.nist.gov
===============================================================