A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations WG of the IETF.
Title : Multi Signer DNSSEC models
Authors : Shumon Huque
Pallavi Aras
John Dickinson
Jan Vcelak
David Blacka
Filename : draft-ietf-dnsop-multi-provider-dnssec-05.txt
Pages : 15
Date : 2020-04-19
Abstract:
Many enterprises today employ the service of multiple DNS providers
to distribute their authoritative DNS service. Deploying DNSSEC in
such an environment may present some challenges depending on the
configuration and feature set in use. In particular, when each DNS
provider independently signs zone data with their own keys,
additional key management mechanisms are necessary. This document
presents deployment models that accommodate this scenario and
describe these key management requirements. These models do not
require any changes to the behavior of validating resolvers, nor do
they impose the new key management requirements on authoritative
servers not involved in multi signer configurations.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-multi-provider-dnssec/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-dnsop-multi-provider-dnssec-05
https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-multi-provider-dnssec-05
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-multi-provider-dnssec-05
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
