Last Call Review of draft-ietf-dnsop-dnssec-dps-framework-

Request Review of draft-ietf-dnsop-dnssec-dps-framework
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2012-07-17
Requested 2012-07-05
Other Reviews Secdir Telechat review of -08 by Stephen Kent (diff)
Review State Completed
Reviewer Peter Yee
Review review-ietf-dnsop-dnssec-dps-framework-genart-lc-yee-2012-07-15
Posted at
Draft last updated 2012-07-15
Review completed: 2012-07-15


I am the assigned Gen-ART reviewer for this draft. For background on
Gen-ART, please see the FAQ at

This draft is ready for publication as an Informational RFC.

Document: draft-ietf-dnsop-dnssec-dps-framework-08
Reviewer: Peter Yee
Review Date: 14-July-2012
IETF LC End Date: 17-July-2012
IESG Telechat date: Pending

Summary: This draft provides a framework for the creation of DNSSEC Policies
and Practice Statements. 

Major Issues: None

Minor Issues: 

Section 4.4.5 discusses how to handle key compromise.  It might be useful to
discuss here or somewhere else in the document how the compromise is
prevented from recurring if there were no attenuating measures in place
beforehand.  That might well lead to a revision of the DP or DPS.  The draft
doesn't really discuss under what circumstances a document should be
iterated or amended.  Of course, that might be considered a meta issue
and outside of the scope of the DP or DPS proper.

Nits/editorial comments: 

In Section 4.6, "behaviour" is spelt in the British manner.  While
most assuredly not incorrect, you may wish to spell it in the
American manner.

Serial commas are used inconsistently.  Nothing as egregious as the
example, however. ;-)