Document Action: 'DNSSEC Operational Practices, Version 2' to Informational RFC (draft-ietf-dnsop-rfc4641bis-13.txt)

The IESG <> Tue, 11 September 2012 20:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2597321F8742; Tue, 11 Sep 2012 13:06:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.246
X-Spam-Status: No, score=-102.246 tagged_above=-999 required=5 tests=[AWL=-0.247, BAYES_00=-2.599, J_CHICKENPOX_42=0.6, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id yJPQJM8g9Ws3; Tue, 11 Sep 2012 13:06:16 -0700 (PDT)
Received: from (localhost []) by (Postfix) with ESMTP id 1218921F8757; Tue, 11 Sep 2012 13:06:16 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <>
To: IETF-Announce <>
Subject: Document Action: 'DNSSEC Operational Practices, Version 2' to Informational RFC (draft-ietf-dnsop-rfc4641bis-13.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 4.34
Message-ID: <>
Date: Tue, 11 Sep 2012 13:06:16 -0700
Cc: dnsop mailing list <>, dnsop chair <>, RFC Editor <>
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Sep 2012 20:06:17 -0000

The IESG has approved the following document:
- 'DNSSEC Operational Practices, Version 2'
  (draft-ietf-dnsop-rfc4641bis-13.txt) as Informational RFC

This document is the product of the Domain Name System Operations Working

The IESG contact persons are Ronald Bonica and Benoit Claise.

A URL of this Internet Draft is:

Technical Summary

  This document describes a set of practices for operating the DNS with
  security extensions (DNSSEC).  The target audience is DNS zone
  administrators deploying DNSSEC.

  The document discusses operational aspects of using keys and
  signatures in the DNS.  It elaborates on issues of key generation,
  key storage, signature generation, key rollover, and related tasks.

Working Group Summary

  The draft started as an updated version of RFC 4641 in 2009
  and and was updated through WG contributions up to
  version -06 that got WGLC'ed in April 2011.  Multiple
  comments received during the WGLC as well as after this
  were taken into account with the consent of the WG,
  leading to version -12 as of today.  No part of the document
  was particluarly contentious, as the draft primarily discusses
  tradeoffs in favor of making recommendations.  That means
  reasonable dissenting views could be and are reflected
  in the document.

Document Quality

  This draft is a definitive improvement over RFC 4641, which
  it strives to replace.  Various TLD and other zones'
  DNSSEC practices are in line with, or within the boundaries
  of this draft, that therefore reflects the collective wisdom
  of those active operators who chose to contribute.  The draft
  received significant review within the WG as well as
  attention outside the IETF.


  Peter Koch is the document shepherd, Ron Bonica is the responsible AD.