%% You should probably cite draft-ietf-dnsop-dnssec-automation-02 instead of this revision. @techreport{ietf-dnsop-dnssec-automation-00, number = {draft-ietf-dnsop-dnssec-automation-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-automation/00/}, author = {Ulrich Wisser and Shumon Huque}, title = {{DNSSEC automation}}, pagetotal = 12, year = 2022, month = may, day = 24, abstract = {This document describes an algorithm and a protocol to automate DNSSEC Multi-Signer {[}RFC8901{]} "Multi-Signer DNSSEC Models" setup, operations and decomissioning. Using Model 2 of the Multi-Signer specification, where each operator has their own distinct KSK and ZSK sets (or CSK sets), {[}RFC8078{]} "Managing DS Records from the Parent via CDS/CDNSKEY" and {[}RFC7477{]} "Child-to-Parent Synchronization in DNS" to accomplish this.}, }