Re: [Gen-art] Gen-ART review of draft-ietf-dnsop-dnssec-dps-framework-08

Joe Abley <jabley@hopcount.ca> Mon, 16 July 2012 22:33 UTC

From: Joe Abley <jabley@hopcount.ca>
Date: Mon, 16 Jul 2012 18:33:52 -0400
To: Russ Housley <housley@vigilsec.com>
Cc: Peter Yee <peter@akayla.com>, gen-art@ietf.org, ietf@ietf.org, draft-ietf-dnsop-dnssec-dps-framework.all@tools.ietf.org

Hi Russ,

On 2012-07-15, at 11:39, Russ Housley wrote:

> Peter:
> 
> Thanks for the review.  I've not read this document yet, but your review raises a question in my mind.
> 
> If a DNSSEC policy or practice statement is revised or amended, what actions are needed to make others aware of the change?

Each DPS contains these kinds of details. Guidance for how to write the corresponding DPS sections is included in this draft:

4.2.  Publication and repositories

   The component describes the requirements for an entity to publish
   information regarding its practices, public keys, the current status
   of such keys together with details relating to the repositories in
   which the information is held.  This may include the responsibilities
   of publishing the DPS and of identifying documents that are not made
   publicly available owing to their sensitive nature, e.g. security
   controls, clearance procedures, or business information.

4.2.1.  Repositories

   This subcomponent describes the repository mechanisms used for making
   information available to the stakeholders, and may include:

   o  The locations of the repositories and the means by which they may
      be accessed;

   o  An identification of the entity or entities that operate
      repositories, such as a zone operator or a TLD Manager;

   o  Access control on published information objects.

   o  Any notification services which may be subscribed to by the
      stakeholders;


Joe