[DNSOP] Warren Kumari's Yes on draft-ietf-dnsop-multi-provider-dnssec-04: (with COMMENT)
Warren Kumari via Datatracker <noreply@ietf.org> Tue, 31 March 2020 13:39 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FEEF3A211C; Tue, 31 Mar 2020 06:39:56 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Warren Kumari via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dnsop-multi-provider-dnssec@ietf.org, dnsop-chairs@ietf.org, dnsop@ietf.org, Benno Overeinder <benno@NLnetLabs.nl>, benno@NLnetLabs.nl
X-Test-IDTracker: no
X-IETF-IDTracker: 6.123.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Warren Kumari <warren@kumari.net>
Message-ID: <158566199604.28566.7133110862216343379@ietfa.amsl.com>
Date: Tue, 31 Mar 2020 06:39:56 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/f9eeRYpCNIETpDcUAZVk154eKzw>
Subject: [DNSOP] Warren Kumari's Yes on draft-ietf-dnsop-multi-provider-dnssec-04: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Mar 2020 13:39:56 -0000
Warren Kumari has entered the following ballot position for draft-ietf-dnsop-multi-provider-dnssec-04: Yes When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-multi-provider-dnssec/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- In general I try to include some background / context when putting documents up for IESG Eval, but in this case there isn't much that I can say that isn't already covered by the Abstract: --- Many enterprises today employ the service of multiple DNS providers to distribute their authoritative DNS service. Deploying DNSSEC in such an environment may present some challenges depending on the configuration and feature set in use. In particular, when each DNS provider independently signs zone data with their own keys, additional key management mechanisms are necessitated. This document presents deployment models that accommodate this scenario and describe these key management requirements. These models do not require any changes to the behavior of validating resolvers, nor do they impose the new key management requirements on authoritative servers not involved in multi signer configurations. ---
- [DNSOP] Warren Kumari's Yes on draft-ietf-dnsop-m… Warren Kumari via Datatracker