[DNSOP] Document Action: 'Definition and Use of DNSSEC Negative Trust Anchors' to Informational RFC (draft-ietf-dnsop-negative-trust-anchors-10.txt)

The IESG <iesg-secretary@ietf.org> Mon, 13 July 2015 18:42 UTC

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Date: Mon, 13 Jul 2015 11:42:37 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/lZeJ28zfYxaeu6Eal8mYCp857kA>
Cc: dnsop mailing list <dnsop@ietf.org>, dnsop chair <dnsop-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: [DNSOP] Document Action: 'Definition and Use of DNSSEC Negative Trust Anchors' to Informational RFC (draft-ietf-dnsop-negative-trust-anchors-10.txt)

The IESG has approved the following document:
- 'Definition and Use of DNSSEC Negative Trust Anchors'
  (draft-ietf-dnsop-negative-trust-anchors-10.txt) as Informational RFC

This document is the product of the Domain Name System Operations Working
Group.

The IESG contact persons are Benoit Claise and Joel Jaeggli.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-negative-trust-anchors/





Technical Summary

As DNS Security Extensions (DNSSEC) is being widely deployed, tools and processes are not fully mature. Creating a temporary object called a Negative Trust Anchor temporarily disables DNSSEC validation for misconfigured domains, thereby allowing DNS resolution to continue working.


Working Group Summary

The working group spent time reviewing the document, and several points were raised about the deployment of these trust anchors. However, all points raised involved clarification text which made the final document more robust. There were no decisions that were particularly rough.

Document Quality

There were several editorial passes done during the timeframe, all of which cleared up the text. The document has a section on managing these Negative Trust Anchors, and is laid out in a manner that operators of DNS zones will be able to use. Additionally, there are examples from existing DNS tools in Appendix A.


Personnel

The document shepherd is Tim Wicinski.

Responsible Area Director is Joel Jaeggli.