Hi SM, On 2012-09-29, at 18:09, SM <[email protected]> wrote:
> At 02:34 29-09-2012, Fredrik Ljunggren wrote: >> A new version of the DPS framework draft was submitted adressing issues >> which was raised during the IESG review. During this review four ADs had >> positions on the draft - three DISCUSSes and one comment, which called for a >> few edits and a revised version of the draft. > > Quoting part of the DISCUSS from Russ Housley: > > "Please explain the value of the policy to the parties that rely on > these signatures. At a minimum this possibility [change in policy] > needs to be explained in the Security Considerations." > > Which text in draft-ietf-dnsop-dnssec-dps-framework-10 addresses that? It has been added under "Security Considerations": Secondly, there is no way of determining under what policy (if any) DNS data has been signed. Interested parties must stay informed using the methods which should be described in section 1.4.3 (Specification change procedures) of the DPS. And also exemplified under 4.1.4 of the framework. > Is the DISCUSS from Sean Turner addressed in this revision? Yes. Sean's DISCUSS was addressed by the deletion of the two last paragraph in the background section, and by having a dialogue regarding TA distribution and the context of "change of algorithms" in subcomponent 4.6.1. > As a nit on Section 4.8: > > "It may also be appropriate to inform of any identified implications > on the protection of personally identifiable private information." > > I suggest removing the word "private" as the term generally used is > "personally identifiable information". Ok, noted. - Fredrik _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
