Shepherd Write up 7958bis
(1)Publication of this document is requested as Informational. This is
appropriate primarily because it describes guidelines and procedures that IANA
follows for the publication of trust anchors for bootstrapping DNSSEC
validation of signed zones, but doesn’t specify behavior for DNS software or
operators. IANA makes the trust anchor available by a variety of mechanisms, as
a helpful optimization for operators validating DNSSEC. There would be
operational disruption if IANA procedures were changed without notice, but
those procedures don’t create a standard.
The document obsoletes RFC 7958, which was published on the independent stream;
it was submitted to the WG to get more rigorous review.
(2)Technical Summary:
The root zone of the Domain Name System (DNS) is cryptographically signed using
DNS Security Extensions (DNSSEC).
In order to obtain secure answers from the root or signed child zones of the
DNS using DNSSEC, a client must configure a suitable trust anchor. This
document describes the format and publication mechanisms IANA uses to
distribute the DNSSEC trust anchors.
Working Group Summary:
There was some concern expressed at the time of adoption that the document
should go to the Independent Stream, since it documents established practices,
deployed by IANA at their discretion. It wasn’t clear to everyone what added
value would come from taking it through WG adoption and consensus. However,
documenting established practices in Informational RFCs is nothing new for
DNSOP, and consensus tends to be that clear, understandable documentation of
such fixed “facts of life” helps real-world interoperability of the DNS.
Document Quality:
The mechanisms described in this document are in daily use for distributing the
DNSSEC root zone trust anchor for DNS operators across the Internet. 7958bis
reflects experience gained since RFC 7958, published in 2016, including
dropping distribution mechanisms that turned out to be less useful. In
addition, 7958 was published on the Independent Stream, but 7958bis has been a
WG document. It's clearly written, understandable, and technically accurate.
Personnel:
Who is the Document Shepherd? Suzanne Woolf
Warren Kumari is the Responsible Area Director
(3)The document has passed WGLC and looks ready to publish. It has been
reviewed for both accuracy of technical detail, and clarity. The technical
matters discussed are straightforward, the original draft was well-written, and
the authors have been responsive to WG suggestions for edits.
(4) No concerns on reviews.
(5) No broader review needed.
(6) The “IANA Considerations” section of this document uses normative language
to describe IANA procedures, which may be a little unusual in an Informational
document. However, as written it conveys some attributes of IANA procedures on
trust anchor publication that operators can rely on (“MUST”) and some others
that may require more flexibility from a client trying to keep their root zone
trust anchors up to date(“MAY”).
(7) No IPR to disclose.
(8) No IPR
(9) WG Consensus is solid. There were no objections at Last Call to advancing
the document.
(10) No threats of appeal
(11) All nits addressed
(12) No formal review needed
(13) all references have been identified as either normative or informative
(14) All normative references are clear.
(15) There are no downward normative references
(16) This document will obsolete RFC 7958 and it is mentioned in the abstract,
title page and introduction.
(17) See above on the IANA Considerations and the use of reserved words. There
are no new protocol extensions, registries, or assigned values specified.
(18) There are no new IANA registries.
(19) N/A
(20) No Yang Needed