DNSSEC Trust Anchor Publication for the Root Zone
draft-ietf-dnsop-rfc7958bis-06
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2024-09-23
|
06 | (System) | IANA Action state changed to No IANA Actions from In Progress |
2024-09-23
|
06 | (System) | RFC Editor state changed to EDIT |
2024-09-23
|
06 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2024-09-23
|
06 | (System) | Announcement was received by RFC Editor |
2024-09-20
|
06 | (System) | IANA Action state changed to In Progress |
2024-09-20
|
06 | (System) | Removed all action holders (IESG state changed) |
2024-09-20
|
06 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent::AD Followup |
2024-09-20
|
06 | Cindy Morgan | IESG has approved the document |
2024-09-20
|
06 | Cindy Morgan | Closed "Approve" ballot |
2024-09-20
|
06 | Cindy Morgan | Ballot approval text was generated |
2024-09-19
|
06 | Jenny Bui | IESG state changed to Approved-announcement to be sent::AD Followup from IESG Evaluation |
2024-09-19
|
06 | John Scudder | [Ballot Position Update] New position, No Objection, has been recorded for John Scudder |
2024-09-18
|
06 | Murray Kucherawy | [Ballot Position Update] New position, No Objection, has been recorded for Murray Kucherawy |
2024-09-18
|
06 | Orie Steele | [Ballot comment] Thanks to Scott Hollenbeck for the ART ART review. |
2024-09-18
|
06 | Orie Steele | [Ballot Position Update] New position, No Objection, has been recorded for Orie Steele |
2024-09-18
|
06 | Zaheduzzaman Sarker | [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker |
2024-09-17
|
06 | Amanda Baber | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2024-09-17
|
06 | Éric Vyncke | [Ballot comment] Thanks to Petr Špaček for his DNS-dir review at https://datatracker.ietf.org/doc/review-ietf-dnsop-rfc7958bis-06-dnsdir-telechat-spacek-2024-09-06/ (and to the authors for discussing Petr's reviews). |
2024-09-17
|
06 | Éric Vyncke | [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke |
2024-09-16
|
06 | Roman Danyliw | [Ballot comment] Thank you to Dan Romascanu for the GENART review. |
2024-09-16
|
06 | Roman Danyliw | [Ballot Position Update] New position, No Objection, has been recorded for Roman Danyliw |
2024-09-13
|
06 | Jim Guichard | [Ballot Position Update] New position, No Objection, has been recorded for Jim Guichard |
2024-09-12
|
06 | Klaas Wierenga | Request for Telechat review by SECDIR Completed: Ready. Reviewer: Klaas Wierenga. Sent review to list. Submission of review completed at an earlier date. |
2024-09-12
|
06 | Klaas Wierenga | Request for Telechat review by SECDIR Completed: Ready. Reviewer: Klaas Wierenga. |
2024-09-09
|
06 | Gunter Van de Velde | [Ballot Position Update] New position, No Objection, has been recorded for Gunter Van de Velde |
2024-09-07
|
06 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Klaas Wierenga |
2024-09-06
|
06 | Petr Špaček | Request for Telechat review by DNSDIR Completed: Ready with Nits. Reviewer: Petr Špaček. Sent review to list. |
2024-09-05
|
06 | Geoff Huston | Request for Telechat review by DNSDIR is assigned to Petr Špaček |
2024-09-04
|
06 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2024-09-04
|
06 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-06.txt |
2024-09-04
|
06 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-09-04
|
06 | Paul Hoffman | Uploaded new revision |
2024-09-03
|
05 | Paul Wouters | [Ballot Position Update] New position, Yes, has been recorded for Paul Wouters |
2024-09-02
|
05 | Petr Špaček | Request for Telechat review by DNSDIR Completed: Ready with Issues. Reviewer: Petr Špaček. |
2024-08-31
|
05 | Erik Kline | [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline |
2024-08-30
|
05 | (System) | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2024-08-29
|
05 | Geoff Huston | Request for Telechat review by DNSDIR is assigned to Petr Špaček |
2024-08-29
|
05 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-05.txt |
2024-08-29
|
05 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-08-29
|
05 | Paul Hoffman | Uploaded new revision |
2024-08-28
|
04 | Cindy Morgan | Telechat date has been changed to 2024-09-19 from 2024-09-05 |
2024-08-27
|
04 | Petr Špaček | Request for Telechat review by DNSDIR Completed: Almost Ready. Reviewer: Petr Špaček. Sent review to list. |
2024-08-26
|
04 | Jim Reid | Assignment of request for Telechat review by DNSDIR to Florian Obser was rejected |
2024-08-26
|
04 | Jim Reid | Request for Telechat review by DNSDIR is assigned to Petr Špaček |
2024-08-25
|
04 | Jim Reid | Request for Telechat review by DNSDIR is assigned to Florian Obser |
2024-08-23
|
04 | Cindy Morgan | Placed on agenda for telechat - 2024-09-05 |
2024-08-23
|
04 | Warren Kumari | Ballot has been issued |
2024-08-23
|
04 | Warren Kumari | [Ballot Position Update] New position, Yes, has been recorded for Warren Kumari |
2024-08-23
|
04 | Warren Kumari | Created "Approve" ballot |
2024-08-23
|
04 | (System) | Changed action holders to Warren Kumari (IESG state changed) |
2024-08-23
|
04 | Warren Kumari | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead::Revised I-D Needed |
2024-08-13
|
04 | Paul Wouters | A revision is needed for: Correction: Replace "IANA CA" with "ICANN CA." |
2024-08-13
|
04 | (System) | Changed action holders to Paul Hoffman, Joe Abley, Jakob Schlyter, Guillaume Bailey (IESG state changed) |
2024-08-13
|
04 | Paul Wouters | IESG state changed to Waiting for AD Go-Ahead::Revised I-D Needed from Waiting for AD Go-Ahead |
2024-08-09
|
04 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2024-08-09
|
04 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-04.txt |
2024-08-09
|
04 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-08-09
|
04 | Paul Hoffman | Uploaded new revision |
2024-08-08
|
03 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2024-08-06
|
03 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2024-08-06
|
03 | David Dong | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-dnsop-rfc7958bis-03. If any part of this review is inaccurate, please let us know. IANA … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: IANA has completed its review of draft-ietf-dnsop-rfc7958bis-03. If any part of this review is inaccurate, please let us know. IANA understands that, upon approval of this document, there is a single action which we must complete. IANA understands that each time IANA produces a new trust anchor, it will publish that trust anchor using the format described in this document (upon its approval). IANA may decide to delay the publication of a new trust anchor for operational reasons, for instance having a newly-created key in multiple facilities. When a trust anchor that was previously published is no longer suitable for use, IANA will update the trust anchor document accordingly by setting a validUntil date for that trust anchor. The validUntil attribute that is added can be a date in the past or in the future, depending on IANA's operational choices. IANA will continue to ensure that the IANA policies and procedures for how the cryptographic keys for the DNS root zone are managed (also known as "DNSSEC Practice Statements" or "DPSs") will be updated at https://www.iana.org/dnssec/procedures. We understand that this is the only action required to be completed upon approval of this document. NOTE: The action requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the action that will be performed. For definitions of IANA review states, please see: https://datatracker.ietf.org/help/state/draft/iana-review Thank you, David Dong IANA Services Sr. Specialist |
2024-08-02
|
03 | Dan Romascanu | Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Dan Romascanu. Sent review to list. |
2024-08-01
|
03 | Klaas Wierenga | Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Klaas Wierenga. Sent review to list. |
2024-07-31
|
03 | Petr Špaček | Request for Last Call review by DNSDIR Completed: On the Right Track. Reviewer: Petr Špaček. Sent review to list. |
2024-07-29
|
03 | Scott Hollenbeck | Request for Last Call review by ARTART Completed: Ready with Nits. Reviewer: Scott Hollenbeck. Sent review to list. |
2024-07-25
|
03 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dan Romascanu |
2024-07-23
|
03 | Barry Leiba | Request for Last Call review by ARTART is assigned to Scott Hollenbeck |
2024-07-23
|
03 | Carlos Pignataro | Request for Last Call review by OPSDIR is assigned to Marisol Palmero |
2024-07-20
|
03 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Klaas Wierenga |
2024-07-19
|
03 | Jim Reid | Request for Last Call review by DNSDIR is assigned to Petr Špaček |
2024-07-18
|
03 | Cindy Morgan | IANA Review state changed to IANA - Review Needed |
2024-07-18
|
03 | Cindy Morgan | The following Last Call announcement was sent out (ends 2024-08-08): From: The IESG To: IETF-Announce CC: benno@NLnetLabs.nl, dnsop-chairs@ietf.org, dnsop@ietf.org, draft-ietf-dnsop-rfc7958bis@ietf.org, suzworldwide@gmail.com … The following Last Call announcement was sent out (ends 2024-08-08): From: The IESG To: IETF-Announce CC: benno@NLnetLabs.nl, dnsop-chairs@ietf.org, dnsop@ietf.org, draft-ietf-dnsop-rfc7958bis@ietf.org, suzworldwide@gmail.com, warren@kumari.net Reply-To: last-call@ietf.org Sender: Subject: Last Call: (DNSSEC Trust Anchor Publication for the Root Zone) to Informational RFC The IESG has received a request from the Domain Name System Operations WG (dnsop) to consider the following document: - 'DNSSEC Trust Anchor Publication for the Root Zone' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-call@ietf.org mailing lists by 2024-08-08. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The root zone of the Domain Name System (DNS) is cryptographically signed using DNS Security Extensions (DNSSEC). In order to obtain secure answers from the root zone of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes the format and publication mechanisms IANA uses to distribute the DNSSEC trust anchors. This document obsoletes RFC 7958. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7958bis/ No IPR declarations have been submitted directly on this I-D. |
2024-07-18
|
03 | Cindy Morgan | IESG state changed to In Last Call from Last Call Requested |
2024-07-18
|
03 | Cindy Morgan | Last call announcement was changed |
2024-07-18
|
03 | Warren Kumari | Last call was requested |
2024-07-18
|
03 | Warren Kumari | Last call announcement was generated |
2024-07-18
|
03 | Warren Kumari | Ballot approval text was generated |
2024-07-18
|
03 | Warren Kumari | IESG state changed to Last Call Requested from Publication Requested |
2024-07-18
|
03 | Warren Kumari | Changed consensus to Yes from Unknown |
2024-07-18
|
03 | Warren Kumari | Ballot writeup was changed |
2024-07-12
|
03 | Tim Wicinski | Shepherd Write up 7958bis (1)Publication of this document is requested as Informational. This is appropriate primarily because it describes guidelines and procedures that IANA follows … Shepherd Write up 7958bis (1)Publication of this document is requested as Informational. This is appropriate primarily because it describes guidelines and procedures that IANA follows for the publication of trust anchors for bootstrapping DNSSEC validation of signed zones, but doesn’t specify behavior for DNS software or operators. IANA makes the trust anchor available by a variety of mechanisms, as a helpful optimization for operators validating DNSSEC. There would be operational disruption if IANA procedures were changed without notice, but those procedures don’t create a standard. The document obsoletes RFC 7958, which was published on the independent stream; it was submitted to the WG to get more rigorous review. (2)Technical Summary: The root zone of the Domain Name System (DNS) is cryptographically signed using DNS Security Extensions (DNSSEC). In order to obtain secure answers from the root or signed child zones of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes the format and publication mechanisms IANA uses to distribute the DNSSEC trust anchors. Working Group Summary: There was some concern expressed at the time of adoption that the document should go to the Independent Stream, since it documents established practices, deployed by IANA at their discretion. It wasn’t clear to everyone what added value would come from taking it through WG adoption and consensus. However, documenting established practices in Informational RFCs is nothing new for DNSOP, and consensus tends to be that clear, understandable documentation of such fixed “facts of life” helps real-world interoperability of the DNS. Document Quality: The mechanisms described in this document are in daily use for distributing the DNSSEC root zone trust anchor for DNS operators across the Internet. 7958bis reflects experience gained since RFC 7958, published in 2016, including dropping distribution mechanisms that turned out to be less useful. In addition, 7958 was published on the Independent Stream, but 7958bis has been a WG document. It's clearly written, understandable, and technically accurate. Personnel: Who is the Document Shepherd? Suzanne Woolf Warren Kumari is the Responsible Area Director (3)The document has passed WGLC and looks ready to publish. It has been reviewed for both accuracy of technical detail, and clarity. The technical matters discussed are straightforward, the original draft was well-written, and the authors have been responsive to WG suggestions for edits. (4) No concerns on reviews. (5) No broader review needed. (6) The “IANA Considerations” section of this document uses normative language to describe IANA procedures, which may be a little unusual in an Informational document. However, as written it conveys some attributes of IANA procedures on trust anchor publication that operators can rely on (“MUST”) and some others that may require more flexibility from a client trying to keep their root zone trust anchors up to date(“MAY”). (7) No IPR to disclose. (8) No IPR (9) WG Consensus is solid. There were no objections at Last Call to advancing the document. (10) No threats of appeal (11) All nits addressed (12) No formal review needed (13) all references have been identified as either normative or informative (14) All normative references are clear. (15) There are no downward normative references (16) This document will obsolete RFC 7958 and it is mentioned in the abstract, title page and introduction. (17) See above on the IANA Considerations and the use of reserved words. There are no new protocol extensions, registries, or assigned values specified. (18) There are no new IANA registries. (19) N/A (20) No Yang Needed |
2024-07-12
|
03 | Tim Wicinski | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2024-07-12
|
03 | Tim Wicinski | IESG state changed to Publication Requested from I-D Exists |
2024-07-12
|
03 | (System) | Changed action holders to Warren Kumari (IESG state changed) |
2024-07-12
|
03 | Tim Wicinski | Responsible AD changed to Warren Kumari |
2024-07-12
|
03 | Tim Wicinski | Document is now in IESG state Publication Requested |
2024-07-12
|
03 | Suzanne Woolf | Shepherd Write up 7958bis (1)Publication of this document is requested as Informational. This is appropriate primarily because it describes guidelines and procedures that IANA follows … Shepherd Write up 7958bis (1)Publication of this document is requested as Informational. This is appropriate primarily because it describes guidelines and procedures that IANA follows for the publication of trust anchors for bootstrapping DNSSEC validation of signed zones, but doesn’t specify behavior for DNS software or operators. IANA makes the trust anchor available by a variety of mechanisms, as a helpful optimization for operators validating DNSSEC. There would be operational disruption if IANA procedures were changed without notice, but those procedures don’t create a standard. The document obsoletes RFC 7958, which was published on the independent stream; it was submitted to the WG to get more rigorous review. (2)Technical Summary: The root zone of the Domain Name System (DNS) is cryptographically signed using DNS Security Extensions (DNSSEC). In order to obtain secure answers from the root or signed child zones of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes the format and publication mechanisms IANA uses to distribute the DNSSEC trust anchors. Working Group Summary: There was some concern expressed at the time of adoption that the document should go to the Independent Stream, since it documents established practices, deployed by IANA at their discretion. It wasn’t clear to everyone what added value would come from taking it through WG adoption and consensus. However, documenting established practices in Informational RFCs is nothing new for DNSOP, and consensus tends to be that clear, understandable documentation of such fixed “facts of life” helps real-world interoperability of the DNS. Document Quality: The mechanisms described in this document are in daily use for distributing the DNSSEC root zone trust anchor for DNS operators across the Internet. 7958bis reflects experience gained since RFC 7958, published in 2016, including dropping distribution mechanisms that turned out to be less useful. In addition, 7958 was published on the Independent Stream, but 7958bis has been a WG document. It's clearly written, understandable, and technically accurate. Personnel: Who is the Document Shepherd? Suzanne Woolf Warren Kumari is the Responsible Area Director (3)The document has passed WGLC and looks ready to publish. It has been reviewed for both accuracy of technical detail, and clarity. The technical matters discussed are straightforward, the original draft was well-written, and the authors have been responsive to WG suggestions for edits. (4) No concerns on reviews. (5) No broader review needed. (6) The “IANA Considerations” section of this document uses normative language to describe IANA procedures, which may be a little unusual in an Informational document. However, as written it conveys some attributes of IANA procedures on trust anchor publication that operators can rely on (“MUST”) and some others that may require more flexibility from a client trying to keep their root zone trust anchors up to date(“MAY”). (7) No IPR to disclose. (8) No IPR (9) WG Consensus is solid. There were no objections at Last Call to advancing the document. (10) No threats of appeal (11) All nits addressed (12) No formal review needed (13) all references have been identified as either normative or informative (14) All normative references are clear. (15) There are no downward normative references (16) This document will obsolete RFC 7958 and it is mentioned in the abstract, title page and introduction. (17) See above on the IANA Considerations and the use of reserved words. There are no new protocol extensions, registries, or assigned values specified. (18) There are no new IANA registries. (19) N/A (20) No Yang Needed |
2024-07-12
|
03 | Tim Wicinski | Notification list changed to benno@NLnetLabs.nl, suzworldwide@gmail.com from benno@NLnetLabs.nl because the document shepherd was set |
2024-07-12
|
03 | Tim Wicinski | Document shepherd changed to Suzanne Woolf |
2024-07-08
|
03 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-03.txt |
2024-07-08
|
03 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-07-08
|
03 | Paul Hoffman | Uploaded new revision |
2024-07-03
|
02 | Tim Wicinski | Authors have new version to produce |
2024-07-03
|
02 | Tim Wicinski | IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call |
2024-06-19
|
02 | Tim Wicinski | IETF WG state changed to In WG Last Call from WG Document |
2024-06-19
|
02 | Tim Wicinski | Changed document external resources from: None to: github_repo https://github.com/paulehoffman/draft-bash-rfc7958bis |
2024-06-19
|
02 | Tim Wicinski | Notification list changed to benno@NLnetLabs.nl because the document shepherd was set |
2024-06-19
|
02 | Tim Wicinski | Document shepherd changed to Benno Overeinder |
2024-06-19
|
02 | Tim Wicinski | Intended Status changed to Informational from None |
2024-06-03
|
02 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-02.txt |
2024-06-03
|
02 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-06-03
|
02 | Paul Hoffman | Uploaded new revision |
2024-03-17
|
01 | Benno Overeinder | Added to session: IETF-119: dnsop Mon-0530 |
2024-03-04
|
01 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-01.txt |
2024-03-04
|
01 | Paul Hoffman | New version accepted (logged-in submitter: Paul Hoffman) |
2024-03-04
|
01 | Paul Hoffman | Uploaded new revision |
2024-02-06
|
00 | Florian Obser | Request for Early review by DNSDIR Completed: Ready with Nits. Reviewer: Florian Obser. Sent review to list. |
2024-01-30
|
00 | Jim Reid | Request for Early review by DNSDIR is assigned to Florian Obser |
2024-01-30
|
00 | Tim Wicinski | Requested Early review by DNSDIR |
2023-12-30
|
00 | Tim Wicinski | This document now replaces draft-bash-rfc7958bis instead of None |
2023-12-30
|
00 | Paul Hoffman | New version available: draft-ietf-dnsop-rfc7958bis-00.txt |
2023-12-30
|
00 | Tim Wicinski | WG -00 approved |
2023-12-30
|
00 | Paul Hoffman | Set submitter to "Paul Hoffman ", replaces to draft-bash-rfc7958bis and sent approval email to group chairs: dnsop-chairs@ietf.org |
2023-12-30
|
00 | Paul Hoffman | Uploaded new revision |