Re: [DNSOP] [Ext] Call for Adoption: DNSSEC as BCP: draft-hoffman-dnssec

Peter Thomassen <> Tue, 29 March 2022 12:47 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 357903A18BD; Tue, 29 Mar 2022 05:47:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id oikoPigg7o1F; Tue, 29 Mar 2022 05:47:22 -0700 (PDT)
Received: from ( [IPv6:2a01:4f8:10a:1d5c:8000::8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id EB6C93A18D7; Tue, 29 Mar 2022 05:47:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=20170825; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From: References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ZFx7dLB0j2JiBHBQTTaobYGjPoobEpX/ZvpUNDejEsg=; b=JkI77z87PgEjIvaSdrgvezKEij VYyzAlNS7QcJ+pyCI7VoXRzfeW/Dx+VAxHEWz3OLuIU5GFvgKu/giGPIcu/9QAZb/26p1slF4GcSW XWef7eXEGl+qAMV7Yp22gzCSkbDgcLJFz6vrDUYCOeL0gGdeocaS8G/o9vjuVnvMnSRcN3ww6N/FB JueppsiDoOVDPrN0+Q/tlBxYYr4R/VADfskGo7KP1T9VCMuKu6ta2ZhRY4GHoHVRNd4NUZCN8U/39 znJ4Pq3j0YdvGCUbGKBitjUXuFRb735Qv54I//1AoswQGCpq47JcET/1Rfkr1eWZWMONJ1Zv5zzim eVbjBzUg==;
Received: from [] (helo=[]) by with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <>) id 1nZBFh-0001Bo-Vh; Tue, 29 Mar 2022 14:47:14 +0200
Message-ID: <>
Date: Tue, 29 Mar 2022 14:47:11 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0
Content-Language: en-US
To: Paul Hoffman <>, Joey Deng <>
Cc: "" <>
References: <> <> <>
From: Peter Thomassen <>
In-Reply-To: <>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <>
Subject: Re: [DNSOP] [Ext] Call for Adoption: DNSSEC as BCP: draft-hoffman-dnssec
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 29 Mar 2022 12:47:35 -0000

On 3/26/22 02:21, Paul Hoffman wrote:
> On Mar 25, 2022, at 5:59 PM, Joey Deng <> wrote:
>> During my reading of DNS and DNSSEC, I found another RFC (RFC 7129) very helpful in understanding the motivation from NSEC to NSEC3, besides RFC 5155, but it is not listed in the draft above (maybe because it is for informational purposes?).
> While RFC 7129 is interesting for understanding the protocol, it is background material and maybe not really part of the protocol itself or an extension to the protocol itself. I'm not sure where it would fit into this document.

    The purpose is to introduce all of the RFCs in one place so
    that the reader can understand the many aspects of DNSSEC.

(taken from the abstract),

then including background material that helps understanding may be the right thing to do, perhaps in a separate section (e.g. "Additional non-normative documents" between Sections 3 and 4).

Otherwise, perhaps the purpose should be re-stated as to emphasize collecting only all pieces of the protocol specification.

I generally support this draft, and am willing to contribute review comments, perhaps editorial PRs etc.