WG, Version -11 of the draft-ietf-dnsop-dnssec-dps-framework has been published and resolves the DISCUSSes raised by the IESG. Apart from miscellaneous corrections and some rephrasing to make things clearer, the significant differences between the -08 version sent to the IESG after WGLC and the latest -11 version are:
1. Introduction * Added paragraph clarifiying that the DP/DPS are not primarily aimed at DNS users, rather they are aimed at other stakeholders (e.g. regulatory authorities). * Removed paragraphs contrasting the DPS with PKI. 2. Definitions * Add definition of multi-person control. 4.1.4 Specification administration * Expanded first pragraph to clarify that the subcomponent includes a description of notification mechanisms used to provide advance notice of changes to the DP/DPS. 4.4.4 Audit logging procedures * Expanded the list of examples of the types of events recorded. 4.5.5 Computer security controls * Removed sentence about product assurance, as this was mistakenly mentioned twice * Removed paragraph about the computer security rating. The changes in section 7 (security considerations) introduced in version -09 suggesting a key could be rolled as a means of signalling a change of DP/DPS have been removed. These were added as a result of a misunderstanding of the nature of one of the DISCUSSes and were not required to overcome objection. Best regards, - Fredrik On 2012-11-05, at 21:45, [email protected] wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Domain Name System Operations Working Group > of the IETF. > > Title : A Framework for DNSSEC Policies and DNSSEC Practice > Statements > Author(s) : Fredrik Ljunggren > Anne-Marie Eklund Lowinder > Tomofumi Okubo > Filename : draft-ietf-dnsop-dnssec-dps-framework-11.txt > Pages : 27 > Date : 2012-11-05 > > Abstract: > This document presents a framework to assist writers of DNSSEC > Policies and DNSSEC Practice Statements, such as Domain Managers and > Zone Operators on both the top-level and secondary level, who are > managing and operating a DNS zone with Security Extensions (DNSSEC) > implemented. > > In particular, the framework provides a comprehensive list of topics > that should be considered for inclusion into a DNSSEC Policy > definition and Practice Statement. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-dps-framework > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-ietf-dnsop-dnssec-dps-framework-11 > > A diff from the previous version is available at: > http://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-dnssec-dps-framework-11 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
