On Tue, Jun 5, 2018 at 6:09 AM <[email protected]> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Domain Name System Operations WG of the > IETF. > > Title : A Root Key Trust Anchor Sentinel for DNSSEC > Authors : Geoff Huston > Joao Silva Damas > Warren Kumari > Filename : draft-ietf-dnsop-kskroll-sentinel-13.txt > Pages : 20 > Date : 2018-06-05 > > Abstract: > The DNS Security Extensions (DNSSEC) were developed to provide origin > authentication and integrity protection for DNS data by using digital > signatures. These digital signatures can be verified by building a > chain of trust starting from a trust anchor and proceeding down to a > particular node in the DNS. This document specifies a mechanism that > will allow an end user and third parties to determine the trusted key > state for the root key of the resolvers that handle that user's DNS > queries. Note that this method is only applicable for determining > which keys are in the trust store for the root key. > > [ This document is being collaborated on in Github at: > https://github.com/APNIC-Labs/draft-kskroll-sentinel. The most > recent version of the document, open issues, etc should all be > available here. The authors (gratefully) accept pull requests. RFC > Editor, please remove text in square brackets before publication. ] > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-kskroll-sentinel/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-dnsop-kskroll-sentinel-13 > https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-kskroll-sentinel-13 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-kskroll-sentinel-13 > > Looks good. A few nits:
4.1. Test Scenario and Objective "loose" -> "lose" 4.3. Test Procedure "The sentinel detection process test a DNS resolution environment with three query names:" Perhaps "tests" is better grammer? "The sentinel detection process *tests* a DNS resolution environment with three query names:" -- Bob Harold
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
