Very nice draft.
> RRSIG Signature Validity 10 days Here I think you probably want to say DNSKEY RRSIG signature validity, because thats the only RRset whose validity period matters, right? > Zone Maintainer The owner of a zone intending to publish a new Key- > Signing-Keys (KSKs) that will become a trust anchor by validators > following the RFC5011 process. Could I convince you to use another term? Maybe just Zone Owner? I worry that when people read Zone Maintainer they would subconsciously put "Root" in front of it and your abstract notes that this isn't really a concern for (current) root zone plans. DW _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
