Last Call: draft-ietf-dnsext-rollover-requirements -- Comment submission
Thierry Moreau <thierry.moreau@connotech.com> Mon, 22 January 2007 16:00 UTC
Message-ID: <45B0BE15.7020304@connotech.com>
Date: Fri, 19 Jan 2007 07:48:21 -0500
From: Thierry Moreau <thierry.moreau@connotech.com>
To: ietf@ietf.org
Dear IESG participants:

Now that the draft-ietf-dnsext-rollover-requirements comes to the IESG, I suspect the document should be reviewed with a broader perspective than the interoperability focus of the DNSEXT wg.

This draft is a requirements document that supports a protocol document, i.e. draft-ietf-dnsext-trustupdate-timers. In the DNSEXT wg, I objected to the requirements document, but acknowledged that the protocol document seems coherent with the requirements as documented.

In this context, I bring to the IESG three questions about the draft-ietf-dnsext-rollover-requirements:

(A) Is the redefinition of IPR procedures in a working group requirements document an acceptable precedent in IETF governance? See the text of document section 5.2 which was instrumental in the adoption of the protocol document by the DNSEXT wg.

(B) ICANN (with the assistance of its IANA operating entity and DNS root operators) is the foremost operator for the protocol to be adopted by the IETF for automated DNSSEC trust anchor key rollover. Was the ICANN perspective taken into account in the document development process to the satisfaction of the IESG?

(C) In the later phase of DNSEXT wg activities in this area, an IESG member expressed concerns about the absence of a security model in the protocol document (see comment by Eric Rescorla at http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01027.html and replies by Mike St-Johns at http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01036.html and myself at http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg01038.html). Does the IESG perspective call for a greater attention to a formal security foundation in the requirements specifications phase as well?

Despite my personal reservations about the DNSEXT wg process that brought the two drafts to their current state, e.g. question (A) above, I do not challenge the fact that rough consensus was reached at the wg level. Thus, the above three questions would be relevant to the extent that the IESG perspective may be more encompassing than the wg one.

Thanks for your attention to the DNSSEC protocol extension project; in any event, it remains a fascinating application scheme for public key digital signatures.

Best regards,

--

- Thierry Moreau

CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada H2M 2A1

Tel.: (514)385-5691
Fax: (514)385-5900

web site: http://www.connotech.com
e-mail: thierry.moreau@connotech.com