Thanks for the review, I will update the copy on the git accordingly. Yours, Daniel
On Fri, Apr 7, 2017 at 9:51 AM, Bob Harold <[email protected]> wrote: > > On Mon, Mar 27, 2017 at 10:16 AM, Daniel Migault < > [email protected]> wrote: > >> Hi, >> >> Please find an update of our draft on requirements for DNSSEC resolver. >> >> DNS resolvers hardly enable DNSSEC as 1) resolvers are not robust too DNS >> authoritative operations – like KSK roll over, signing errors…. – and 2) >> network administrators have little control on these resolvers to recover >> such situations. >> >> The draft describes how invalid DNSSEC related RRsets may be considered >> by the resolver. The listed requirements aim at designing mechanisms as >> well as interactions with network managers can easily solve/avoid these >> situations. Such mechanisms are expected to encourage DNSSEC deployment on >> resolvers. >> >> Yours, >> Daniel >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] >> Sent: Monday, March 27, 2017 9:13 AM >> To: Edward Lewis <[email protected]>; Daniel Migault < >> [email protected]>; Dan York <[email protected]>; [email protected] < >> [email protected]> >> Subject: New Version Notification for draft-mglt-dnsop-dnssec-valida >> tor-requirements-04.txt >> >> >> A new version of I-D, draft-mglt-dnsop-dnssec-valida >> tor-requirements-04.txt >> has been successfully submitted by Daniel Migault and posted to the IETF >> repository. >> >> Name: draft-mglt-dnsop-dnssec-validator-requirements >> Revision: 04 >> Title: DNSSEC Validators Requirements >> Document date: 2017-03-27 >> Group: Individual Submission >> Pages: 10 >> URL: https://www.ietf.org/internet- >> drafts/draft-mglt-dnsop-dnssec-validator-requirements-04.txt >> Status: https://datatracker.ietf.org/ >> doc/draft-mglt-dnsop-dnssec-validator-requirements/ >> Htmlized: https://tools.ietf.org/html/d >> raft-mglt-dnsop-dnssec-validator-requirements-04 >> Htmlized: https://datatracker.ietf.org/ >> doc/html/draft-mglt-dnsop-dnssec-validator-requirements-04 >> Diff: https://www.ietf.org/rfcdiff? >> url2=draft-mglt-dnsop-dnssec-validator-requirements-04 >> >> Abstract: >> DNSSEC provides data integrity and authentication for DNSSEC >> validators. However, without valid trust anchor(s) and an acceptable >> value for the current time, DNSSEC validation cannot be performed. >> This document lists the requirements to be addressed so resolvers can >> have DNSSEC validation can be always-on. >> > > A few minor sugguestions: > > The last part of the abstract > "can have DNSSEC validation can be always-on" > remove the last 'can' to get: > "can have DNSSEC validation be always-on" > > 2. Introduction Second paragraph ends: "and then most of the > communications relying on the DNS resolution." I would suggest "thus > disabling the communications relying on the DNS resolution." > > Fourth paragraph starts: > "The lake of management" > "lake" -> "lack" > > Fourth paragraph near end: > "these steps are way to small" > "to" -> "too" > and suggest > "these steps are much too small" > > Fifth paragraph > "and additiona mechanism" > try either > "and an additional mechanism" > or > "and additional mechanisms" > > 8. Private KSK/ZSK > "split-zone" -> "split-view" > > -- > Bob Harold > > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop > >
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
