On Wed, 13 Apr 2022, Tim Wicinski wrote: [speaking as individual contributor]
Subject: [DNSOP] additional documents for draft-ietf-dnsop-dnssec-bcp
During the call for adoption, a few folks mentioned other DNSSEC documents (7129 comes to mind). While I trust Mr. Hoffman's attention to detail, I wanted to do a quick check to make sure nothing slipped by. I pulled this list from rfc-editor.org of every RFC with DNSSEC as a keyword or in the title. https://gist.github.com/moonshiner/0746776f2351ae9c8e3edb3373ee39c6 The ones marked "No" were made by me. Feel free to say otherwise. However, I left 8 RFCs undecided. If the WG has any opinions on those, please feel free to speak up.
If we do it as both a reference of DNSSEC and a BCP, then I think we should add: RFC 8901 Multi-Signer DNSSEC Models RFC 8027 a.k.a. BCP 207 DNSSEC Roadblock Avoidance RFC 7583 DNSSEC Key Rollover Timing Considerations RFC 7129 Authenticated Denial of Existence in the DNS RFC 4470 Minimally Covering NSEC Records and DNSSEC On-line Signing I would not include these that you included: RFC 9157 Revised IANA Considerations for DNSSEC [It's IETF administrivia] RFC 6014 Cryptographic Algorithm Identifier Allocation for DNSSEC [It's IETF administrivia] RFC 5933 Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC [Algo is dead] Otherwise, I agree with you. Paul _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
