From: Bob Harold
Date: 2016-10-25 00:25
To: Jiankang Yao; IETF DNSOP WG
Subject: Re: [DNSOP] Fw: New Version Notification for
draft-yao-dnsop-accompanying-questions-01.txt
> I like the concept.
>
thanks.
> The AQ bit and count are probably unnecessary, the option length will
> determine
I agree with Matthijs. Looking at 6781 that makes the most sense.
tim
On Tue, Oct 25, 2016 at 8:17 AM, Matthijs Mekking
wrote:
>
>
> On 25-10-16 15:15, Marcos Sanz wrote:
>
>> Matthijs,
>>
>> my attention has been brought to the KSK rollover double-signature
>>>
On 25-10-16 15:15, Marcos Sanz wrote:
Matthijs,
my attention has been brought to the KSK rollover double-signature
style
described in 6781 and what I think is a mistake/oblivion there.
Section
4.1.2 states
[...]
You are right: DS_K_2 may only be provided to the parent *after* the TTL
Matthijs,
> > my attention has been brought to the KSK rollover double-signature
style
> > described in 6781 and what I think is a mistake/oblivion there.
Section
> > 4.1.2 states
[...]
> You are right: DS_K_2 may only be provided to the parent *after* the TTL
> of DNSKEY_K_1 has passed.
Hi Marc,
> For .nl we have rolled the KSK conform the double KSK method as
described in RFC7583. We didn't notice a mistake or oblivion there :-0
please consider that my comment applied only to RFC 6781.
Best,
Marcos
___
DNSOP mailing list
Hi Marcos,
For .nl we have rolled the KSK conform the double KSK method as described in
RFC7583. We didn't notice a mistake or oblivion there :-0
Grtz,
Marc
-Original Message-
From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Matthijs Mekking
Sent: dinsdag 25 oktober 2016 12:35
Hi Marco,
On 24-10-16 17:47, Marcos Sanz wrote:
Hi all,
my attention has been brought to the KSK rollover double-signature style
described in 6781 and what I think is a mistake/oblivion there. Section
4.1.2 states
initial: Initial version of the zone. The parental DS points to