Skip to main content

DNS Security (DNSSEC) NextSECure (NSEC) RDATA Format
RFC 3845

Yes

(Thomas Narten)

No Objection

(Alex Zinin)
(Bill Fenner)
(David Kessens)
(Jon Peterson)
(Margaret Cullen)
(Russ Housley)
(Ted Hardie)

Abstain


Note: This ballot was opened for revision 06 and is now closed.

(Thomas Narten; former steering group member) Yes

Yes ()

                            

(Alex Zinin; former steering group member) No Objection

No Objection ()

                            

(Allison Mankin; former steering group member) (was Yes) No Objection

No Objection (2004-05-27)
 There was a quite clear WG consensus determination on NXT's/NSEC's privacy issues years
ago with European regulations and the DNS design in mind then.  Perhaps the problem
was lack of community-wide Last Call at that time.  Hmm.

(Bert Wijnen; former steering group member) No Objection

No Objection (2004-05-26)
Front page (top left) has: Updates: RFC 2535, RFC TCR (if approved)

- We normally want the "Updates xxx..." also in the abstract.

I wonder if the security considerations section should have some
text about the privacy-concerns that have apparantly been discussed.

(Bill Fenner; former steering group member) No Objection

No Objection ()

                            

(David Kessens; former steering group member) No Objection

No Objection ()

                            

(Harald Alvestrand; former steering group member) No Objection

No Objection (2004-05-26)
Reviewed by Mark Allman, Gen-ART
Minor things ...

  + old boilerplate

  + look for "must" and think about whether it should be "MUST"

  + the citation to "RFC TCR" since it's an i-d

The document seems fine to me.

(Jon Peterson; former steering group member) No Objection

No Objection ()

                            

(Margaret Cullen; former steering group member) No Objection

No Objection ()

                            

(Russ Housley; former steering group member) No Objection

No Objection ()

                            

(Scott Hollenbeck; former steering group member) No Objection

No Objection (2004-05-20)
The graphic in section 2.1 should note that the fields are of variable length as described in later text.  The length appears to be fixed at 32 units, but no units are specified and there's nothing to note that the fields can be shorter or longer unless one assumes that the "/" characters imply variability.

(Ted Hardie; former steering group member) No Objection

No Objection ()

                            

(Steven Bellovin; former steering group member) Abstain

Abstain (2004-05-24)
I'm very concerned by reports that some European sites can't/won't deploy NSEC because they feel it conflicts with European privacy law.  I have sympathy for this position -- I wrote my own draft addressing the issue 2.5 years ago.  But we have an installed base that uses a similar technique (NXT records), which leaves us with the problem of running code that may not be deployable.