Valery Smyslov wrote:
Thanks for the review!
I found the document almost ready. A few editorial issues should be resolved.
1. Throughout the document attribute INTERNAL_DNSSEC_TA is often called
INTERNAL_DNS_TA.
Please, choose a single name :-)
Fixed. Should have been INTERNAL_DNSSEC_TA everywhere.
s/one more more/one or more
Fixed.
3. Section 4.1
o Domain Name (0 or more octets) - A Fully Qualified Domain Name
used for Split DNS rules, such as example.com, in DNS presentation
format and optionally using IDNA [RFC5890] for Internationalized
Domain Names. The value is NOT null-terminated.
Why NOT is in uppercase? It is not a RFC2119 word, I guess...
It was a warning to C programmers :)
I changed it to:
Implementors need to be careful that this value is not null-terminated.
4. Section 4.2
o DNSKEY algorithm (0 or 1 octet) - Value from the IANA DNS Security
Algorithm Numbers Registry
o DS algorithm (0 or 1 octet) - Value from the IANA Delegation
Signer (DS) Resource Record (RR) Type Digest Algorithms Registry
There are no such fields in the picture above. There are fields
Algorithm and Digest Type. Please, make the names match
those in the picture.
Fixed.
5. Section 6
INTERNAL_DNSSEC_TA directives MUST immediately follow an
INTERNAL_DNS_DOMAIN directive. As the INTERNAL_DNSSEC_TA format
itself does not contain the domain name, it relies on the preceding
INTERNAL_DNS_DOMAIN to provide the domain for which it specifies the
trust anchor.
s/directives/attributes
s/directive/attribute
I did s/directive/payload/ instead.
I'll push -03 once the submission window opens again tomorrow.
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
