Delegation Signer (DS) Resource Record (RR)
draft-ietf-dnsext-delegation-signer-15
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2015-10-14
|
15 | (System) | Notify list changed from , to |
|
2003-12-19
|
15 | (System) | Ballot has been issued |
|
2003-12-19
|
15 | (System) | Created "Approve" ballot |
|
2003-12-19
|
15 | Amy Vezza | State Changes to RFC Published from RFC Ed Queue by Amy Vezza |
|
2003-12-18
|
15 | (System) | RFC published |
|
2003-08-26
|
15 | Natalia Syracuse | State Changes to RFC Ed Queue from Approved-announcement sent by Natalia Syracuse |
|
2003-08-25
|
15 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2003-08-25
|
15 | Amy Vezza | IESG has approved the document |
|
2003-08-25
|
15 | (System) | Ballot writeup text was added |
|
2003-08-25
|
15 | (System) | Last call text was added |
|
2003-08-25
|
15 | (System) | Ballot approval text was added |
|
2003-08-21
|
15 | Amy Vezza | State Changes to Approved-announcement to be sent from IESG Evaluation by Amy Vezza |
|
2003-08-21
|
15 | Amy Vezza | Removed from agenda for telechat - 2003-08-21 by Amy Vezza |
|
2003-08-20
|
15 | Harald Alvestrand | I'm a YES on this one. Still - nits, section 2.2.1. Each DS RRset stored in the parent zone MUST be signed … I'm a YES on this one. Still - nits, section 2.2.1. Each DS RRset stored in the parent zone MUST be signed by at least one of the parent zone's private keys. The parent zone MUST NOT contain a KEY RRset at any delegation point. Delegations in the parent MAY contain only the following RR types: NS, DS, NXT and SIG. I think this was intended to say "MAY contain NS, DS, NXT and SIG, and MUST NOT contain other types". With 2119 meaning of MAY (can choose to do so or can choose not to do so), this is unclear. ..... A secure zone MUST contain a self-signed KEY RRset at its apex. Upon verifying the DS RRset from the parent, a resolver MAY trust any KEY identified in the DS RRset as a valid signer of the child's apex KEY RRset. Resolvers configured to trust one of the keys signing the KEY RRset MAY now treat any data signed by the zone keys in the KEY RRset as secure. Query: Is it intentional that this allows resolvers to consider the data insecure, even when it's signed? I think that's reasonable (the resolver may know of a key compromise), but want to make sure that's what the WG intended. |
|
2003-08-18
|
15 | Michael Lee | State Changes to IESG Evaluation from In Last Call by Michael Lee |
|
2003-08-18
|
15 | Michael Lee | Placed on agenda for telechat - 2003-08-21 by Michael Lee |
|
2003-07-22
|
15 | Thomas Narten | Shepherding AD has been changed to Narten, Thomas from Nordmark, Erik |
|
2003-07-04
|
15 | Michael Lee | Last call sent |
|
2003-07-04
|
15 | Michael Lee | State Changes to In Last Call from In Last Call by Lee, Michael |
|
2003-07-03
|
15 | Erik Nordmark | Date: Fri, 27 Jun 2003 09:25:48 +0200 (CEST) From: "Erik Nordmark" Subject: Re: Delegation Signer Document Done. To: "Olaf Kolkman" Cc: namedroppers@ops.ietf.org Some quick comments. … Date: Fri, 27 Jun 2003 09:25:48 +0200 (CEST) From: "Erik Nordmark" Subject: Re: Delegation Signer Document Done. To: "Olaf Kolkman" Cc: namedroppers@ops.ietf.org Some quick comments. If there aren't more substantial comments from the WG these can be fixed after the IETF last call. 1.2 Reserved Words The key words "MAY","MAY NOT", "MUST", "MUST NOT", "REQUIRED", There is no such thing as "MAY NOT" in RFC 2119. 5) If the server is not authoritative for any part of the QNAME, a response indicating a lame server for QNAME is given. Is the format of a response indicating a lame server well defined? Well known? I haven't seen an actual definition in a RFC. Or does it make sense to spell out what the response will contain? Erik -- to unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body. archive: |
|
2003-07-03
|
15 | Erik Nordmark | State Changes to In Last Call from Last Call Requested by Nordmark, Erik |
|
2003-07-03
|
15 | Erik Nordmark | State Changes to Last Call Requested from AD Evaluation by Nordmark, Erik |
|
2003-06-26
|
15 | Erik Nordmark | State Changes to AD Evaluation from AD Evaluation :: Revised ID Needed by Nordmark, Erik |
|
2003-06-19
|
15 | (System) | New version available: draft-ietf-dnsext-delegation-signer-15.txt |
|
2003-05-06
|
14 | (System) | New version available: draft-ietf-dnsext-delegation-signer-14.txt |
|
2003-03-03
|
13 | (System) | New version available: draft-ietf-dnsext-delegation-signer-13.txt |
|
2002-12-04
|
12 | (System) | New version available: draft-ietf-dnsext-delegation-signer-12.txt |
|
2002-11-04
|
11 | (System) | New version available: draft-ietf-dnsext-delegation-signer-11.txt |
|
2002-10-16
|
10 | (System) | New version available: draft-ietf-dnsext-delegation-signer-10.txt |
|
2002-10-03
|
15 | Erik Nordmark | State Changes to AD Evaluation -- New ID Needed from AD Evaluation -- External Party by nordmark |
|
2002-09-30
|
09 | (System) | New version available: draft-ietf-dnsext-delegation-signer-09.txt |
|
2002-09-05
|
15 | Erik Nordmark | Document will be updated to clarify some issues from the recent DNSSEC implementation workshop. |
|
2002-09-05
|
15 | Erik Nordmark | responsible has been changed to Working Group from Area Directors |
|
2002-09-05
|
15 | Erik Nordmark | State Changes to New Version Needed (WG/Author) from Wait for Writeup by nordmark |
|
2002-07-30
|
15 | Stephen Coya | State Changes to Wait for Writeup from Last Call … State Changes to Wait for Writeup from Last Call Issued by scoya |
|
2002-07-02
|
15 | Jacqueline Hargest | responsible has been changed to Area Directors from IETF Secretary |
|
2002-07-02
|
15 | Jacqueline Hargest | State Changes to Last Call Issued from Last Call … State Changes to Last Call Issued from Last Call Requested by jhargest |
|
2002-07-02
|
15 | Erik Nordmark | responsible has been changed to IETF Secretary from Working Group |
|
2002-07-02
|
15 | Erik Nordmark | State Changes to Last Call Requested from AD Evaluation … State Changes to Last Call Requested from AD Evaluation by nordmark |
|
2002-07-01
|
08 | (System) | New version available: draft-ietf-dnsext-delegation-signer-08.txt |
|
2002-06-05
|
15 | Erik Nordmark | Pinged WG about updated I-D resolving editorial comments. |
|
2002-06-05
|
15 | Erik Nordmark | A new comment added by nordmark |
|
2002-05-06
|
15 | Erik Nordmark | Send editorial AD comments to mailing list. |
|
2002-05-06
|
15 | Erik Nordmark | responsible has been changed to Working Group from Area Directors |
|
2002-05-06
|
15 | Erik Nordmark | Intended Status has been changed to Proposed Standard from Request |
|
2002-03-28
|
15 | Erik Nordmark | Draft Added by Erik Nordmark |
|
2002-03-27
|
07 | (System) | New version available: draft-ietf-dnsext-delegation-signer-07.txt |
|
2002-03-04
|
06 | (System) | New version available: draft-ietf-dnsext-delegation-signer-06.txt |
|
2002-01-11
|
05 | (System) | New version available: draft-ietf-dnsext-delegation-signer-05.txt |
|
2001-11-27
|
04 | (System) | New version available: draft-ietf-dnsext-delegation-signer-04.txt |
|
2001-10-26
|
03 | (System) | New version available: draft-ietf-dnsext-delegation-signer-03.txt |
|
2001-09-19
|
02 | (System) | New version available: draft-ietf-dnsext-delegation-signer-02.txt |
|
2001-07-19
|
01 | (System) | New version available: draft-ietf-dnsext-delegation-signer-01.txt |
|
2001-05-30
|
00 | (System) | New version available: draft-ietf-dnsext-delegation-signer-00.txt |