DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
draft-ietf-dnsext-nsec-rdata-06
Yes
(Thomas Narten)
No Objection
(Alex Zinin)
(Bill Fenner)
(David Kessens)
(Jon Peterson)
(Margaret Cullen)
(Russ Housley)
(Ted Hardie)
Abstain
Note: This ballot was opened for revision 06 and is now closed.
Thomas Narten Former IESG member
Yes
Yes
()
Unknown
Alex Zinin Former IESG member
No Objection
No Objection
()
Unknown
Allison Mankin Former IESG member
(was Yes)
No Objection
No Objection
(2004-05-27)
Unknown
There was a quite clear WG consensus determination on NXT's/NSEC's privacy issues years ago with European regulations and the DNS design in mind then. Perhaps the problem was lack of community-wide Last Call at that time. Hmm.
Bert Wijnen Former IESG member
No Objection
No Objection
(2004-05-26)
Unknown
Front page (top left) has: Updates: RFC 2535, RFC TCR (if approved) - We normally want the "Updates xxx..." also in the abstract. I wonder if the security considerations section should have some text about the privacy-concerns that have apparantly been discussed.
Bill Fenner Former IESG member
No Objection
No Objection
()
Unknown
David Kessens Former IESG member
No Objection
No Objection
()
Unknown
Harald Alvestrand Former IESG member
No Objection
No Objection
(2004-05-26)
Unknown
Reviewed by Mark Allman, Gen-ART Minor things ... + old boilerplate + look for "must" and think about whether it should be "MUST" + the citation to "RFC TCR" since it's an i-d The document seems fine to me.
Jon Peterson Former IESG member
No Objection
No Objection
()
Unknown
Margaret Cullen Former IESG member
No Objection
No Objection
()
Unknown
Russ Housley Former IESG member
No Objection
No Objection
()
Unknown
Scott Hollenbeck Former IESG member
No Objection
No Objection
(2004-05-20)
Unknown
The graphic in section 2.1 should note that the fields are of variable length as described in later text. The length appears to be fixed at 32 units, but no units are specified and there's nothing to note that the fields can be shorter or longer unless one assumes that the "/" characters imply variability.
Ted Hardie Former IESG member
No Objection
No Objection
()
Unknown
Steven Bellovin Former IESG member
Abstain
Abstain
(2004-05-24)
Unknown
I'm very concerned by reports that some European sites can't/won't deploy NSEC because they feel it conflicts with European privacy law. I have sympathy for this position -- I wrote my own draft addressing the issue 2.5 years ago. But we have an installed base that uses a similar technique (NXT records), which leaves us with the problem of running code that may not be deployable.