Recall: Key rollover Work.

["Olaf M. Kolkman" <olaf@NLnetLabs.nl>]

On Jun 26, 2006, at 6:05 PM, Gustavo Lozano asked:

> I want to know what the status of this proposal is.

Gustavo,

Thanks for asking, you are the first person that makes me sure that  
my mail did not hit everybody's spam filter.

In a separate thread the other week I posted a proposal.


> 1 - All editors off drafts make sure that their drafts are alive in
> the repository. (before start of summer, June 21)

> 2 - Maybe some editors want to revoke their draft in lessen the
> entropy in this space or just because they think another draft is
> superior


What we have is currently, without having talked to any of these folk:

Expired: http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext- 
trustupdate-threshold
I am not sure what Ihren and Manning would like to see happening to  
this proposal.

About to expire: http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext- 
trustupdate-timers
I work from the assumption that this is one of the (promising[*])  
candidates

And from individuals we have:
draft-laurie-dnssec-key-distribution-02.txt

Finally there is Thieries work:
http://tools.ietf.org/wg/dnsext/draft-moreau-dnsext-takrem-dns-02.txt

Note that this document (version 2) now has a "Derivative Works  
Limitation" given RFC3978 that excludes it from becoming a working  
group document. That also means that it is reasonable to not expect  
people to put any effort into reviewing and improving it. I am not  
sure what the procedure is when people want to run with version 1 of  
the document that was less restrictive. If people think then takrem  
is the best technology after sliced bread and it should be considered  
for working group adoption than feel free to post that on the list,  
we can either work with the author or sort out if it is possible to  
go from version 1.

DLV is not on the table as far as I am concerned.

In practice this means that we have 3 documents to consider.


>
> 3 - We start a reading round of one month. Here we need working group
> participants doing real work (!). I would like to see (at least 5?)
> people to read _all_ the drafts. (before IETF meeting (?))
>
> 4 - While reading drafts reviewers create issue lists
>
> 5 - All people that read _all_ drafts (hopefully more than 5) will
> provide their motivated preference, say a top 3. Motivation is to be
> based on requirements. (There are folk who did proposal comparison.
> It would be good if those were reviewed and reposted at that time).
>

Note that Alberto Martínez Herrera's comparison is still available at:
http://docs.nicmxlabs.org.mx/itesm/dnsseckeyrolloverproposals.pdf

I recall there is a second comparison but I cannot find it.

Still we new more reviewers. By having people comment and choose on  
proposals we can get forward progression.


> 6- We compile a shortlist of 1 or 2 documents and work to technically
> improve those to get a consensus outcome.
>
>
> I am hesitant to spend to much face-2-face time on rehashing previous
> discussion. But if we manage to have some review done, issues
> identified, and preferences stated, we may actually be able to make
> real progress.
>
> I'd say that committed reviewers need anything between 1 to 3 days to
> do this work.
>
> Any comments, alternative approaches, takers?

As I am trying to come up with a reasonable way to pick up forward  
momentum, this is still an open question: comments, alternatives,  
takers?



---Olaf


[*] oops .. there goes your neutral chair.

-----------------------------------------------------------
Olaf M. Kolkman
NLnet Labs
http://www.nlnetlabs.nl/