On Mon, Feb 13, 2012 at 09:33:05AM +0100, Stephane Bortzmeyer wrote:
> On Mon, Feb 06, 2012 at 07:12:56PM +0000,
> [email protected] <[email protected]> wrote
> a message of 49 lines which said:
>
> > A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> >
> > Title : Root Name Server Operational Requirements
> > Author(s) : Root Server System Advisory Committee
> > Filename : draft-rssac-dnsop-rfc2870bis-04.txt
>
> Section 3.2.1 : I do not understand why you need synced time for
> DNSSEC. The root name servers do not generate signatures.

But they do use TSIG. And historically, channel protection via
TSIG or SIG(0) was considered part of the DNSSEC tool box. Granted that
DNSSEC perception has changed over the years, but the need for sync'ed
clocks is because of TSIG.

> Section 3.2.1 : Several root name servers, such as B, reply to ICMP
> echo requests, which I think is a good thing, but it seems disallowed
> in your document.

-I- think it's a good idea, but others would prefer less transparency.

> Section 4.2 : This advice directly contradicts RFC 6382. Do you plan
> to reclassify it as Historic?

It meaning RFC 6382? Not really. The draft was an attempt to
document current practice - with some leanings toward future directions.

> Section 5.1 : "Announcement of planned outages also keeps other
> operators from investigated a scheduled maintenance window." My
> english parser broke here. Should I upgrade it or should you rewrite
> the sentence?

investigated should be investigating. E.g., if you don't tell anyone
you are doing maintenance work, observers will presume the worst and
start to debug why the L root has gone offline.

> (For the record, I agree with most of Joe Abley's remarks on
> high-level issues with this document.)

There are some strong arguments for simply stating operational
goals/principles vs documenting practice. I believe that we are working
on a "mission statement".

/bill
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop