Protocol Action: 'Automated Updates of DNSSEC Trust Anchors' to Internet Standard (RFC 5011)
IESG Secretary <iesg-secretary@ietf.org> Thu, 03 January 2013 17:32 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A78611E809C; Thu, 3 Jan 2013 09:32:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100
X-Spam-Level:
X-Spam-Status: No, score=-100 tagged_above=-999 required=5 tests=[USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ayJKpYgccLvs; Thu, 3 Jan 2013 09:32:30 -0800 (PST)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE0F721F86D2; Thu, 3 Jan 2013 09:32:30 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: IESG Secretary <iesg-secretary@ietf.org>
To: IETF Announcement List <ietf-announce@ietf.org>
Subject: Protocol Action: 'Automated Updates of DNSSEC Trust Anchors' to Internet Standard (RFC 5011)
X-Test-IDTracker: no
X-IETF-IDTracker: 4.37
Message-ID: <20130103173230.32293.58026.idtracker@ietfa.amsl.com>
Date: Thu, 03 Jan 2013 09:32:30 -0800
Cc: iesg@ietf.org, dnsext-chairs@tools.ietf.org, dnsext@ietf.org, rfc-editor@rfc-editor.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2013 17:32:31 -0000
The IESG has approved the following document: - 'Automated Updates of DNS Security (DNSSEC) Trust Anchors,' RFC 5011 as an Internet Standard. This document is the product of the DNS Extensions Working Group. A URL of this document is: https://datatracker.ietf.org/doc/rfc5011/ Abstract: This document describes a means for automated, authenticated, and authorized updating of DNSSEC "trust anchors". The method provides protection against N-1 key compromises of N keys in the trust point key set. Based on the trust established by the presence of a current anchor, other anchors may be added at the same place in the hierarchy, and, ultimately, supplant the existing anchor(s). This mechanism will require changes to resolver management behavior (but not resolver resolution behavior), and the addition of a single flag bit to the DNSKEY record.
- Protocol Action: 'Automated Updates of DNSSEC Tru… IESG Secretary