I can confirm that this is a valid erratum. It will be fixed in RFC 4641bis (I think Held for Document Update is an appropriate status name)
--Olaf On Jul 23, 2010, at 8:22 PM, RFC Errata System wrote: > > The following errata report has been submitted for RFC4641, > "DNSSEC Operational Practices". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=4641&eid=2391 > > -------------------------------------- > Type: Editorial > Reported by: Tony Finch <[email protected]> > > Section: Appendix C > > Original Text > ------------- > > > Corrected Text > -------------- > > > Notes > ----- > There are some NSEC-related errors in the example zone. The NSEC record is > missing from the zone apex (though its RRSIG is present). The TTL on the NSEC > and RRSIG NSEC records for a.example.net should be the same as the zone's SOA > minimum TTL, i.e. 28800 not 86400. > > Instructions: > ------------- > This errata is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party (IESG) > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC4641 (draft-ietf-dnsop-dnssec-operational-practices-08) > -------------------------------------- > Title : DNSSEC Operational Practices > Publication Date : September 2006 > Author(s) : O. Kolkman, R. Gieben > Category : INFORMATIONAL > Source : Domain Name System Operations > Area : Operations and Management > Stream : IETF > Verifying Party : IESG ________________________________________________________ Olaf M. Kolkman NLnet Labs Science Park 140, http://www.nlnetlabs.nl/ 1098 XG Amsterdam _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
