[DNSSEC-Bootstrapping] Status
Peter Thomassen <peter@desec.io> Tue, 19 October 2021 12:48 UTC
Return-Path: <peter@desec.io>
X-Original-To: dnssec-bootstrapping@ietfa.amsl.com
Delivered-To: dnssec-bootstrapping@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A523E3A0C92 for <dnssec-bootstrapping@ietfa.amsl.com>; Tue, 19 Oct 2021 05:48:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=a4a.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ZMXtL-Tgq6q for <dnssec-bootstrapping@ietfa.amsl.com>; Tue, 19 Oct 2021 05:48:10 -0700 (PDT)
Received: from mail.a4a.de (mail.a4a.de [IPv6:2a01:4f8:10a:1d5c:8000::8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AEC93A0C54 for <dnssec-bootstrapping@ietf.org>; Tue, 19 Oct 2021 05:48:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=a4a.de; s=20170825; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date: Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=TolBJENYEmrR2tqTWYi0vLpkwQuBoIW0hVcEKz2LiI8=; b=SQ1GbMMe1UJVlDcB3ARGfIyqnd Eukn6zu3onNQ/Sy4FhBiOSlUFmptWopKLyaUVbUHtj6KItZw3BXh+FEex1mRple3LPDta1S2goT+c Jh+Epn0pgapwz2Fl+5Y6tHPomCu8B7HOVyl4eO+AMP71UWRRbDbVIOA1AJu6ztCGj+HLK1HgZYTFD EH04G4JuOkT7ETYdZZwxICDp7cLExwpBA60qS6OJLeSfaEQuEyrMc8NUDrffh+yzm2OmgljJ0XreT o5lMTQ+BBmoPxAafx0X504VRMkfbR6OXSn5bEjhAFch6SHQW7nldFhSEhGLdt8oj8nDBFVuGJbY5/ mblKdK3A==;
Received: from [213.61.118.178] (helo=[192.168.188.94]) by mail.a4a.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from <peter@desec.io>) id 1mcoXD-0003PE-Ue for dnssec-bootstrapping@ietf.org; Tue, 19 Oct 2021 14:48:04 +0200
To: dnssec-bootstrapping@ietf.org
From: Peter Thomassen <peter@desec.io>
Message-ID: <20de3f7d-2793-34a1-1a4f-a37518d31384@desec.io>
Date: Tue, 19 Oct 2021 14:48:03 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: de-DE
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssec-bootstrapping/XPAvdzSI8fd765BFdi4HNUatV7E>
Subject: [DNSSEC-Bootstrapping] Status
X-BeenThere: dnssec-bootstrapping@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Authenticated Bootstrapping of DNSSEC Delegations <dnssec-bootstrapping.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssec-bootstrapping>, <mailto:dnssec-bootstrapping-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssec-bootstrapping/>
List-Post: <mailto:dnssec-bootstrapping@ietf.org>
List-Help: <mailto:dnssec-bootstrapping-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssec-bootstrapping>, <mailto:dnssec-bootstrapping-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Oct 2021 12:48:16 -0000
Folks, I quickly wanted to check in with you what the status is on DNSSEC Bootstrapping. 1.) Draft --------- My impression is that the draft is in quite mature shape, and we've converged on most questions. Of the remaining issues, only one affects the protocol format (everything else is about defining operational practice, such as when to trigger a bootstrapping scan). I'll send a separate message about the protocol format issue. We have requested slots to present at ICANN 72 and IETF 112, and are planning to ask the DNSOP WG for adoption around that time. Link: https://datatracker.ietf.org/doc/draft-thomassen-dnsop-dnssec-bootstrapping/ 2.) Implementation status ------------------------- deSEC is running bootstrapping zones at _boot.ns1.desec.io and _boot.ns2.desec.org, which contain bootstrapping signaling records for about 14,000 domains. (This is currently not automatically synced when a new domain is created at deSEC. If you need a new domain to show up, please send me a note.) Regarding other DNS operators, registrars and registries on this list: Would you like to share what your current plans are? Thanks, Peter -- Like our community service? 💛 Please consider donating at https://desec.io/ deSEC e.V. Kyffhäuserstr. 5 10781 Berlin Germany Vorstandsvorsitz: Nils Wisiol Registergericht: AG Berlin (Charlottenburg) VR 37525
- [DNSSEC-Bootstrapping] Status Peter Thomassen