Last Call Review of draft-ietf-dnsop-rfc4641bis-
review-ietf-dnsop-rfc4641bis-secdir-lc-emery-2012-08-30-00
| Request | Review of | draft-ietf-dnsop-rfc4641bis |
|---|---|---|
| Requested revision | No specific revision (document currently at 13) | |
| Type | IETF Last Call Review | |
| Team | Security Area Directorate (secdir) | |
| Deadline | 2012-08-28 | |
| Requested | 2012-08-10 | |
| Authors | Olaf Kolkman , Matthijs Mekking , R. (Miek) Gieben | |
| I-D last updated | 2020-01-21 (Latest revision 2012-09-11) | |
| Completed reviews |
Secdir IETF Last Call review of -??
by Shawn M Emery
|
|
| Assignment | Reviewer | Shawn M Emery |
| State | Completed | |
| Request | IETF Last Call review on draft-ietf-dnsop-rfc4641bis by Security Area Directorate Assigned | |
| Result | Ready w/issues | |
| Completed | 2012-08-30 |
review-ietf-dnsop-rfc4641bis-secdir-lc-emery-2012-08-30-00
I have reviewed this document
as part of the security directorate's ongoing effort to review
all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these
comments just like any other last call comments.
This informational draft describes the operational practices for
administrating a DNSSEC environment. Specifically the
management of keys and signatures in DNS. The draft intends to
obsolete
RFC 4641.
The security considerations section does exist and is somewhat
terse in its explanation of mitigating spoofing and DoS
attacks. This should be expanded or at least a reference made.
General comments:
None.
Editorial comments:
Consistency: SEP is expanded, but not DS.
s/purposes X will somewhere/purposes, X will be somewhere/
s/such as e.g. RFC 5011/e.g. RFC 5011/
Shawn.
--