We've posted a new version of draft-pauly-ipsecme-split-dns
The changes in this version include:
- Textual clarification based on input from Daniel and Tero
- Clarification of DNSSEC payload types
- Update on the content and structure of the INTERNAL_DNSSEC_TA
- How to associate DNSSEC values with specific domains
- Naming changes (IPSec -> IPsec, Split-DNS -> Split DNS)
We believe this should be ready for adoption and moving forward, to follow the
charter. Please review and provide your input!
> Begin forwarded message:
> From: internet-dra...@ietf.org
> Subject: New Version Notification for draft-pauly-ipsecme-split-dns-02.txt
> Date: September 21, 2016 at 1:27:23 PM PDT
> To: Tommy Pauly <tpa...@apple.com>, Paul Wouters <pwout...@redhat.com>
> A new version of I-D, draft-pauly-ipsecme-split-dns-02.txt
> has been successfully submitted by Tommy Pauly and posted to the
> IETF repository.
> Name: draft-pauly-ipsecme-split-dns
> Revision: 02
> Title: Split DNS Configuration for IKEv2
> Document date: 2016-09-21
> Group: Individual Submission
> Pages: 12
> Htmlized: https://tools.ietf.org/html/draft-pauly-ipsecme-split-dns-02
> This document defines two Configuration Payload Attribute Types for
> the IKEv2 protocol that add support for private DNS domains. These
> domains should be resolved using DNS servers reachable through an
> IPsec connection, while leaving all other DNS resolution unchanged.
> This approach of resolving a subset of domains using non-public DNS
> servers is referred to as "Split DNS".
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> The IETF Secretariat
IPsec mailing list