Split DNS Configuration for the Internet Key Exchange Protocol Version 2 (IKEv2)
draft-ietf-ipsecme-split-dns-17

Revision differences

Document history

Date Rev. By Action
2019-05-28
17 (System)
Received changes through RFC Editor sync (created alias RFC 8598, changed title to 'Split DNS Configuration for the Internet Key Exchange Protocol Version 2 (IKEv2)', ...
2019-05-28
17 (System) RFC published
2019-05-22
17 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2019-05-06
17 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2019-04-19
17 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2019-03-26
17 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2019-03-25
17 (System) IANA Action state changed to Waiting on RFC Editor from Waiting on Authors
2019-03-25
17 (System) IANA Action state changed to Waiting on Authors from In Progress
2019-03-21
17 (System) RFC Editor state changed to EDIT
2019-03-21
17 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2019-03-21
17 (System) Announcement was received by RFC Editor
2019-03-21
17 (System) IANA Action state changed to In Progress
2019-03-21
17 Amy Vezza IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2019-03-21
17 Amy Vezza IESG has approved the document
2019-03-21
17 Amy Vezza Closed "Approve" ballot
2019-03-21
17 Amy Vezza Ballot approval text was generated
2019-03-20
17 Eric Rescorla IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup
2019-03-14
17 Tero Kivinen Added to session: IETF-104: ipsecme  Thu-1050
2019-03-11
17 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-17.txt
2019-03-11
17 (System) New version approved
2019-03-11
17 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2019-03-11
17 Tommy Pauly Uploaded new revision
2019-02-03
16 Tim Chown Request for Telechat review by OPSDIR Completed: Ready. Reviewer: Tim Chown. Sent review to list.
2018-12-24
16 Eric Rescorla DISCUSSes cleared. Awaiting comment followup (or confirmation that none is needed).
2018-12-04
16 Warren Kumari
[Ballot comment]
Thank you for addressing my DISCUSS.
I still don't love this idea / solution, but after asking the DNSOP list for review ( ...
2018-12-04
16 Warren Kumari [Ballot Position Update] Position for Warren Kumari has been changed to No Objection from Discuss
2018-11-26
16 Alexey Melnikov [Ballot comment]
Thank you for addressing my DISCUSS.
2018-11-26
16 Alexey Melnikov [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss
2018-11-25
16 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-16.txt
2018-11-25
16 (System) New version approved
2018-11-25
16 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-11-25
16 Paul Wouters Uploaded new revision
2018-11-21
15 (System) Sub state has been changed to AD Followup from Revised ID Needed
2018-11-21
15 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2018-11-21
15 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-15.txt
2018-11-21
15 (System) New version approved
2018-11-21
15 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-11-21
15 Paul Wouters Uploaded new revision
2018-11-21
14 Cindy Morgan IESG state changed to IESG Evaluation::Revised I-D Needed from IESG Evaluation
2018-11-21
14 Ignas Bagdonas [Ballot Position Update] New position, No Objection, has been recorded for Ignas Bagdonas
2018-11-21
14 Martin Vigoureux [Ballot Position Update] New position, No Objection, has been recorded for Martin Vigoureux
2018-11-20
14 Terry Manderson
[Ballot comment]
Thanks for the time and effort invested in this document. I'm also very interested to see the resolution to Warren's DISCUSS regarding ipsecme-split-dns ...
2018-11-20
14 Terry Manderson Ballot comment text updated for Terry Manderson
2018-11-20
14 Terry Manderson
[Ballot comment]
I'm also very interested to see the resolution to Warren's DISCUSS regarding ipsecme-split-dns being used as an easy tool to over-claim entire sections ...
2018-11-20
14 Terry Manderson [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson
2018-11-20
14 Ben Campbell
[Ballot comment]
- General: Once my client signals support for split DNS, what prevents a server from over claiming the domains that should be resolved ...
2018-11-20
14 Ben Campbell [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell
2018-11-20
14 Warren Kumari
[Ballot discuss]
I hope I'm just missing something obvious here, but this seems like it may cause a significant security issue.

Lots of "regular" users ...
2018-11-20
14 Warren Kumari
[Ballot comment]
This section: " The content of INTERNAL_DNS_DOMAIN and INTERNAL_DNSSEC_TA may be
  passed to another (DNS) program for processing.  As with any network ...
2018-11-20
14 Warren Kumari Ballot comment and discuss text updated for Warren Kumari
2018-11-20
14 Suresh Krishnan
[Ballot comment]
* Sections 3.1 and 7

I have a hard time seeing why the length of the INTERNAL_DNS_DOMAIN attribute would ever be zero. Do ...
2018-11-20
14 Suresh Krishnan [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan
2018-11-20
14 Warren Kumari
[Ballot discuss]
I hope I'm just missing something obvious here, but this seems like it may cause a significant security issue.

Lots of "regular" users ...
2018-11-20
14 Warren Kumari
[Ballot comment]
This section: " The content of INTERNAL_DNS_DOMAIN and INTERNAL_DNSSEC_TA may be
  passed to another (DNS) program for processing.  As with any network ...
2018-11-20
14 Warren Kumari [Ballot Position Update] New position, Discuss, has been recorded for Warren Kumari
2018-11-20
14 Spencer Dawkins
[Ballot comment]
Perhaps it would be helpful to give an example of why

  A client using these configuration payloads will be able to request ...
2018-11-20
14 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2018-11-19
14 Adam Roach
[Ballot comment]
Thanks to everyone who worked on this document. It seems a very useful extension
to IKEv2. I have a handful of minor and ...
2018-11-19
14 Adam Roach [Ballot Position Update] New position, Yes, has been recorded for Adam Roach
2018-11-19
14 Alvaro Retana [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana
2018-11-19
14 Deborah Brungard [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard
2018-11-19
14 Alissa Cooper
[Ballot comment]
Section 5:

"Enterprise Certificate Agency" --> I would have expected this to say Enterprise Certificate Authority.

"Other generic or public domains, such as ...
2018-11-19
14 Alissa Cooper [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper
2018-11-19
14 Gunter Van de Velde Request for Telechat review by OPSDIR is assigned to Tim Chown
2018-11-19
14 Gunter Van de Velde Request for Telechat review by OPSDIR is assigned to Tim Chown
2018-11-17
14 Alexey Melnikov
[Ballot discuss]
This is a well written document, so thank you for that.
I've noticed that Benjamin already found typos that I found and raised ...
2018-11-17
14 Alexey Melnikov [Ballot Position Update] New position, Discuss, has been recorded for Alexey Melnikov
2018-11-15
14 Benjamin Kaduk
[Ballot comment]
I am balloting YES because I think this mechanism has significant value, but I do also
have some substantial comments that will likely ...
2018-11-15
14 Benjamin Kaduk [Ballot Position Update] New position, Yes, has been recorded for Benjamin Kaduk
2018-11-09
14 Mirja Kühlewind [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind
2018-11-05
14 (System) IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2018-11-04
14 Tero Kivinen Added to session: IETF-103: ipsecme  Wed-1350
2018-11-04
14 Eric Rescorla IESG state changed to IESG Evaluation from Waiting for Writeup
2018-11-03
14 Cindy Morgan New version available: draft-ietf-ipsecme-split-dns-14.txt
2018-11-03
14 (System) Secretariat manually posting. Approvals already received
2018-11-03
14 Cindy Morgan Uploaded new revision
2018-11-03
13 Cindy Morgan Placed on agenda for telechat - 2018-11-21
2018-11-03
13 Eric Rescorla Ballot has been issued
2018-11-03
13 Eric Rescorla [Ballot Position Update] New position, Yes, has been recorded for Eric Rescorla
2018-11-03
13 Eric Rescorla Created "Approve" ballot
2018-11-03
13 Eric Rescorla Ballot writeup was changed
2018-10-22
13 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2018-10-22
13 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-13.txt
2018-10-22
13 (System) New version approved
2018-10-22
13 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-10-22
13 Tommy Pauly Uploaded new revision
2018-08-30
12 Tim Chown Request for Last Call review by OPSDIR Completed: Has Issues. Reviewer: Tim Chown. Sent review to list.
2018-08-24
12 (System) IESG state changed to Waiting for Writeup from In Last Call
2018-08-22
12 (System) IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed
2018-08-22
12 Sabrina Tanamal
(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has completed its review of draft-ietf-ipsecme-split-dns-12. If any part of this review is inaccurate, please let us ...
2018-08-20
12 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Tim Chown
2018-08-20
12 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Tim Chown
2018-08-19
12 Stefan Santesson Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Stefan Santesson. Sent review to list.
2018-08-16
12 Christer Holmberg Request for Last Call review by GENART Completed: Ready with Nits. Reviewer: Christer Holmberg. Sent review to list.
2018-08-16
12 Jean Mahoney Request for Last Call review by GENART is assigned to Christer Holmberg
2018-08-16
12 Jean Mahoney Request for Last Call review by GENART is assigned to Christer Holmberg
2018-08-16
12 Tero Kivinen Request for Last Call review by SECDIR is assigned to Stefan Santesson
2018-08-16
12 Tero Kivinen Request for Last Call review by SECDIR is assigned to Stefan Santesson
2018-08-10
12 Cindy Morgan IANA Review state changed to IANA - Review Needed
2018-08-10
12 Cindy Morgan
The following Last Call announcement was sent out (ends 2018-08-24):

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: David Waltermire <david.waltermire@nist.gov>, ipsecme-chairs@ietf.org, ekr@rtfm.com, ipsec@ietf.org, david.waltermire@nist.gov, ...
2018-08-10
12 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2018-08-10
12 Eric Rescorla Last call was requested
2018-08-10
12 Eric Rescorla Last call announcement was generated
2018-08-10
12 Eric Rescorla Ballot approval text was generated
2018-08-10
12 Eric Rescorla Ballot writeup was generated
2018-08-10
12 Eric Rescorla IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2018-08-06
12 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-12.txt
2018-08-06
12 (System) New version approved
2018-08-06
12 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-08-06
12 Tommy Pauly Uploaded new revision
2018-07-19
11 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-11.txt
2018-07-19
11 (System) New version approved
2018-07-19
11 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-07-19
11 Tommy Pauly Uploaded new revision
2018-07-18
10 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-10.txt
2018-07-18
10 (System) New version approved
2018-07-18
10 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-07-18
10 Tommy Pauly Uploaded new revision
2018-07-18
09 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-09.txt
2018-07-18
09 (System) New version approved
2018-07-18
09 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-07-18
09 Paul Wouters Uploaded new revision
2018-07-16
08 Tero Kivinen Added to session: IETF-102: ipsecme  Wed-1520
2018-06-18
08 (System) Sub state has been changed to AD Followup from Revised ID Needed
2018-06-18
08 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-08.txt
2018-06-18
08 (System) New version approved
2018-06-18
08 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-06-18
08 Paul Wouters Uploaded new revision
2018-04-13
07 Eric Rescorla IESG state changed to AD Evaluation::Revised I-D Needed from Publication Requested
2018-03-01
07 David Waltermire
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 ...
2018-03-01
07 David Waltermire Responsible AD changed to Eric Rescorla
2018-03-01
07 David Waltermire IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up
2018-03-01
07 David Waltermire IESG state changed to Publication Requested
2018-03-01
07 David Waltermire IESG process started in state Publication Requested
2018-03-01
07 David Waltermire Waiting to confirm IPR before submitting to the IESG.
2018-03-01
07 David Waltermire Tag Revised I-D Needed - Issue raised by WGLC cleared.
2018-03-01
07 David Waltermire IETF WG state changed to WG Consensus: Waiting for Write-Up from In WG Last Call
2018-03-01
07 David Waltermire Changed consensus to Yes from Unknown
2018-03-01
07 David Waltermire Intended Status changed to Proposed Standard from None
2018-03-01
07 David Waltermire Changed document writeup
2018-02-28
07 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-07.txt
2018-02-28
07 (System) New version approved
2018-02-28
07 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-02-28
07 Tommy Pauly Uploaded new revision
2018-02-09
06 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-06.txt
2018-02-09
06 (System) New version approved
2018-02-09
06 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-02-09
06 Paul Wouters Uploaded new revision
2018-02-06
05 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-05.txt
2018-02-06
05 (System) New version approved
2018-02-06
05 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-02-06
05 Paul Wouters Uploaded new revision
2018-01-22
04 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-04.txt
2018-01-22
04 (System) New version approved
2018-01-22
04 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2018-01-22
04 Paul Wouters Uploaded new revision
2017-11-11
03 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-03.txt
2017-11-11
03 (System) New version approved
2017-11-11
03 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2017-11-11
03 Paul Wouters Uploaded new revision
2017-11-11
02 David Waltermire Added to session: IETF-100: ipsecme  Mon-0930
2017-11-11
02 David Waltermire Tag Revised I-D Needed - Issue raised by WGLC set.
2017-11-11
02 David Waltermire IETF WG state changed to In WG Last Call from WG Document
2017-07-29
02 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-02.txt
2017-07-29
02 (System) New version approved
2017-07-29
02 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2017-07-29
02 Paul Wouters Uploaded new revision
2017-07-19
01 Paul Wouters New version available: draft-ietf-ipsecme-split-dns-01.txt
2017-07-19
01 (System) New version approved
2017-07-19
01 (System) Request for posting confirmation emailed to previous authors: Paul Wouters <pwouters@redhat.com>, Tommy Pauly <tpauly@apple.com>
2017-07-19
01 Paul Wouters Uploaded new revision
2017-07-18
00 Tero Kivinen Added to session: IETF-99: ipsecme  Fri-1150
2017-03-29
00 David Waltermire Notification list changed to David Waltermire <david.waltermire@nist.gov>
2017-03-29
00 David Waltermire Document shepherd changed to David Waltermire
2017-03-26
00 David Waltermire Added to session: IETF-98: ipsecme  Wed-1300
2017-03-13
00 David Waltermire This document now replaces draft-pauly-ipsecme-split-dns instead of None
2017-03-13
00 Tommy Pauly New version available: draft-ietf-ipsecme-split-dns-00.txt
2017-03-13
00 (System) WG -00 approved
2017-03-13
00 Tommy Pauly Set submitter to "Tommy Pauly <tpauly@apple.com>", replaces to draft-pauly-ipsecme-split-dns and sent approval email to group chairs: ipsecme-chairs@ietf.org
2017-03-13
00 Tommy Pauly Uploaded new revision