Skip to main content

DNSSEC Trust Anchor Publication for the Root Zone
draft-ietf-dnsop-rfc7958bis-06

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, benno@NLnetLabs.nl, dnsop-chairs@ietf.org, dnsop@ietf.org, draft-ietf-dnsop-rfc7958bis@ietf.org, rfc-editor@rfc-editor.org, suzworldwide@gmail.com, warren@kumari.net
Subject: Document Action: 'DNSSEC Trust Anchor Publication for the Root Zone' to Informational RFC (draft-ietf-dnsop-rfc7958bis-06.txt)

The IESG has approved the following document:
- 'DNSSEC Trust Anchor Publication for the Root Zone'
  (draft-ietf-dnsop-rfc7958bis-06.txt) as Informational RFC

This document is the product of the Domain Name System Operations Working
Group.

The IESG contact persons are Warren Kumari and Mahesh Jethanandani.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7958bis/


Ballot Text

Technical Summary

   The root zone of the Domain Name System (DNS) is cryptographically
   signed using DNS Security Extensions (DNSSEC).

   In order to obtain secure answers from the root zone of the DNS using
   DNSSEC, a client must configure a suitable trust anchor.  This
   document describes the format and publication mechanisms IANA uses to
   distribute the DNSSEC trust anchors.

   This document obsoletes RFC 7958.

Working Group Summary

There was some concern expressed at the time of adoption that the document
should go to the Independent Stream, since it documents established practices,
deployed by IANA at their discretion. It wasn’t clear to everyone what added
value would come from taking it through WG adoption and consensus. However,
documenting established practices in Informational RFCs is nothing new for
DNSOP, and consensus tends to be that clear, understandable documentation of
such fixed “facts of life” helps real-world interoperability of the DNS.
 

Document Quality

   The mechanisms described in this document are in daily use for distributing the
DNSSEC root zone trust anchor for DNS operators across the Internet. 7958bis
reflects experience gained since RFC 7958, published in 2016, including
dropping distribution mechanisms that turned out to be less useful. In
addition, 7958 was published on the Independent Stream, but 7958bis has been a
WG document. It's clearly written, understandable, and technically accurate.


Personnel

   Suzanne Woolf is DS.
   Warren "Ace" Kumari is RAD!!!!1!!11!111!!!

RFC Editor Note