[On 20 Jan, @ 09:07, Gilles wrote in "Re: [dnsop] I-D ACTION:draft-i ..."] > Hello, > the new version of the draft is now available. We have taken into > account remarks, principally these from samuel Weiler and Rip Loomis, > and include a document changes section. > > Please consider that any point in this draft are not fixed. Indeed, we > (the authors) think that the way to do the key rollover (in-band, out-of > band or both) must be discussed to solve problem that can occur and
I've read the draft and I'm not seeing such a discussion. In draft-ietf-dnsop-dnssec-operational-practices-03.txt Olaf and I describe (I think it was 4) types of key rollovers. None of these are discussed in requirements-02. Allthough some of the pros and cons are discussed in practices-03. Maybe your are looking to extend that? Also what would be the fundamental difference between in band or out of band rollovers? I both cases keys are created/exchanged/transformed, only the transport to the parent (in case of a KSK rollover) is different. Regards, Miek . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
