DNS Security (DNSSEC) Experiments
draft-ietf-dnsext-dnssec-experiments-04
Yes
(Mark Townsley)
No Objection
(Bill Fenner)
(Cullen Jennings)
(David Kessens)
(Jari Arkko)
(Jon Peterson)
(Lisa Dusseault)
(Magnus Westerlund)
(Ross Callon)
(Sam Hartman)
(Ted Hardie)
Note: This ballot was opened for revision 04 and is now closed.
Mark Townsley Former IESG member
Yes
Yes
()
Unknown
Bill Fenner Former IESG member
No Objection
No Objection
()
Unknown
Brian Carpenter Former IESG member
No Objection
No Objection
(2006-10-09)
Unknown
Editorial points from Gen-ART review by Francis Dupont, with author comments. >> Minor points (they should be fixed by the RFC Editor): >> - in 1 page 3: a missing closing parenthesis. I suggest to add the >> number of the RFCs too. Sounds good. >> - is "validatable" (in 4 page 7 and 6 page 9) a correct English word? Er, I guess not :) I suggest rewording (from 4 on page 7): That is, a zone is either in an experiment and only experimentally validatable, or it is not. with That is, a zone is either in an experiment and only possible to validate experimentally, or it is not. And suggest rewording (from 6 on page 9): For instance, the resolver may look at a non-validatable response and conclude that the response is bogus, either due to local policy or implementation details. with For instance, the resolver my look at a response that cannot be validated and still conclude that the response is bogus, either due to local policy or implementation details. >> - in 10.2 page 13 reference [6] is obsolete: a new version 03 was >> submitted in June.
Cullen Jennings Former IESG member
No Objection
No Objection
()
Unknown
Dan Romascanu Former IESG member
No Objection
No Objection
(2006-10-06)
Unknown
Why is this document aimed to be a Proposed Standard and not a BCP?
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
Jari Arkko Former IESG member
(was Discuss, No Objection)
No Objection
No Objection
()
Unknown
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Lars Eggert Former IESG member
(was Discuss)
No Objection
No Objection
(2006-10-11)
Unknown
I was surprised to see this going for PS and not BCP. IMO this document describes the best current practice methodology for setting up DNSSEC experiments and should go for BCP. Section 4., paragraph 1: > having only unknown algorithm identifiers in the DS records for the > delegation to the zone at the parent. Nit: expand DS on first use.
Lisa Dusseault Former IESG member
No Objection
No Objection
()
Unknown
Magnus Westerlund Former IESG member
No Objection
No Objection
()
Unknown
Ross Callon Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
No Objection
No Objection
(2006-10-09)
Unknown
Please rename section 6. A reasonable title might be "Experiment Considerations". From the SecDir review by Stefan Santesson: Section 5 states: > > Resolvers MUST only recognize the experiment's semantics when > present in a zone signed by one or more of these algorithm > identifiers. > Strictly speaking, nothing is signed by an algorithm identifier. It seems that the text tries to say: > > Resolvers MUST only recognize the experiment's semantics when > present in a zone signed with one or more algorithms identified > by these algorithm identifiers.
Sam Hartman Former IESG member
No Objection
No Objection
()
Unknown
Ted Hardie Former IESG member
No Objection
No Objection
()
Unknown