Here's another document for folks to think about wrt its contents. I'd love feedback. Or if the WG is brave, adoption.
-------------------- Start of forwarded message -------------------- From: internet-dra...@ietf.org To: "Wes Hardaker" <i...@hardakers.net> Subject: New Version Notification for draft-hardaker-dnsop-intentionally-temporary-insec-00.txt Date: Sun, 21 Feb 2021 12:42:01 -0800 A new version of I-D, draft-hardaker-dnsop-intentionally-temporary-insec-00.txt has been successfully submitted by Wes Hardaker and posted to the IETF repository. Name: draft-hardaker-dnsop-intentionally-temporary-insec Revision: 00 Title: Intentionally Temporarily Insecure Document date: 2021-02-21 Group: Individual Submission Pages: 6 URL: https://www.ietf.org/archive/id/draft-hardaker-dnsop-intentionally-temporary-insec-00.txt Status: https://datatracker.ietf.org/doc/draft-hardaker-dnsop-intentionally-temporary-insec/ Htmlized: https://datatracker.ietf.org/doc/html/draft-hardaker-dnsop-intentionally-temporary-insec Htmlized: https://tools.ietf.org/html/draft-hardaker-dnsop-intentionally-temporary-insec-00 Abstract: Performing DNSKEY algorithm transitions with DNSSEC signing is unfortunately challenging to get right in practice without decent tooling support. This document weighs the correct, completely secure way of rolling keys against an alternate, significantly simplified, method that takes a zone through an insecure state. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat -------------------- End of forwarded message -------------------- -- Wes Hardaker USC/ISI _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
