Hi all, This is a compilation of two earlier drafts, draft-barwood-dnsop-ds-publish and draft-wkumari-dnsop-ezkeyroll.
The basic idea remains the same -- allow operators to publish new (and standby) DS records at the parent by publishing them in their zone, signed with their current key. This new draft explains the problem a little better, and also that, in the "registries shouldn't talk to registrars" model the registrar can do the magic instead. We believe that there is a need / desire for this -- apart from the fact that *I* hate having to click all over the GoDaddy web site to change keys, we have heard a number of registrars and registrars asking for it... W Begin forwarded message: > From: [email protected] > Subject: New Version Notification for draft-kumari-ogud-dnsop-cds-00.txt > Date: February 18, 2013 4:06:00 PM EST > To: [email protected] > Cc: [email protected], [email protected] > > > A new version of I-D, draft-kumari-ogud-dnsop-cds-00.txt > has been successfully submitted by Warren Kumari and posted to the > IETF repository. > > Filename: draft-kumari-ogud-dnsop-cds > Revision: 00 > Title: Easy DNSSEC Key Publish > Creation date: 2013-02-18 > Group: Individual Submission > Number of pages: 8 > URL: > http://www.ietf.org/internet-drafts/draft-kumari-ogud-dnsop-cds-00.txt > Status: http://datatracker.ietf.org/doc/draft-kumari-ogud-dnsop-cds > Htmlized: http://tools.ietf.org/html/draft-kumari-ogud-dnsop-cds-00 > > > Abstract: > This document describes a method to allow DNS operators to more > easily publish updated DNSSEC Key Signing Keys. This document does > not address the initial configuration of trust anchors for a domain. > > > > > The IETF Secretariat > -- Life is a concentration camp. You're stuck here and there's no way out and you can only rage impotently against your persecutors. -- Woody Allen _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
