Re: [DNSOP] draft-ietf-dnsop-dnssec-dps-framework-07

Sat, 02 Jun 2012 06:06:55 -0700 

I've implemented all of Stephens edits, along with the edits suggested by 
Alfred HÎnes back in april, both of which where mainly editorial changes.

Apart from this, Stephen has suggested a minor rewording of the second 
paragraph of the background section due to his comment below:

  To provide a means for users who rely on signed responses from the
  DNS ("relying parties") to evaluate the strength and security of the
  DNSSEC chain of trust, an entity operating a DNSSEC enabled zone may
  choose to publish a DNSSEC Practice Statement (DPS), comprising
  statements of critical security controls and procedures relevant for
  scrutinizing the trustworthiness of the system.  The DPS may also
  identify any DNSSEC Policies it supports, explaining how it meets
  their requirements.

Last, but not least, the DNSOP chairs has suggested to change the title of the 
document from "DNSSEC Policy & Practice Statement Framework" to "A Framework 
for DNSSEC Policies and DNSSEC Practice Statements", to better underline that a 
"DNSSEC Policy" and a "DNSSEC Practice Statement" are two different documents. 
The authors have agreed to this change, as we share the opinion that this adds 
to the clarity of the concept.

Unless I hear any objections to the above, I will post and updated (-08) 
version shortly.

- Fredrik

On 2012-05-21, at 16:52, Stephen Morris wrote:

> I've been doing a final nits review of the DPS framework document while
> doing the proto write-up.
> 
> There is nothing major - mainly typos/missing commas and minor
> change of wording: these I've passed to editors directly.
> 
> The only significant issue is the definition of "relying parties" in 1.1
> either "users of the DNS" (at the beginning of the section) or "all
> entities relying on signed responses from the DNS" (at the end, and in
> the glossary).  This needs clarification as "relying party" is used in
> the middle of that section.
> 
> Stephen
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to