Using Secure DNS to Associate Certificates with Domain Names for S/MIME
RFC 8162

Note: This ballot was opened for revision 15 and is now closed.

Alvaro Retana No Objection

(Kathleen Moriarty; former steering group member) Yes

(Stephen Farrell; former steering group member) Yes

(Alexey Melnikov; former steering group member) No Objection

Thank you for this document.

I have a small list of comments:

1) You are pointing to Unicode 5.2, which is rather old. You should reference the most recent version.

2) In Section 9.2: NSEC and NSEC3 need references.

3) In Section 11: <pedantic comment alert> All of your references are Informative. This is not correct, as several of the references are needed to implement or understand this specification. It doesn't matter that this document is Experimental, references needed to implement or understand the document still need to be Normative.

(Alia Atlas; former steering group member) No Objection

(Ben Campbell; former steering group member) No Objection

There's a rather icky IPR disclosure that basically says that licensing terms won't be disclosed until they see where the draft is going. The shepherd's review doesn't mention whether the working group discussed that. Since this is experimental, it probably doesn't matter very much right now. I hope that gets some discussion prior to any attempt to promote this work to standards track.

(Deborah Brungard; former steering group member) No Objection

(Jari Arkko; former steering group member) No Objection

(Joel Jaeggli; former steering group member) No Objection

(Mirja Kühlewind; former steering group member) No Objection

Minor comments:
- Point 8 in the shepherd write-up is not addressed and this docuemnt has 2 IPR claims...

- Intro: "Thus, the reader must be familiar with RFC 6698 before reading this document." -> That means RFC6698 must be normative.

(Suresh Krishnan; former steering group member) No Objection

Agree with Mirja and Alexey's position about the references. At least RFC6698 needs to be normative.