Yuri,
Thanks for the feedback.
On 14 Aug 2012, at 09:54, Yuri Schaeffer y...@nlnetlabs.nl wrote:
I reviewed the DNSSEC Key Timing Considerations
draft-ietf-dnsop-dnssec-key-timing-03.txt document rather extensively
with emphasis on verifying correctness of the rollover timelines. I
believe
I reviewed the DNSSEC Key Timing Considerations
draft-ietf-dnsop-dnssec-key-timing-03.txt document rather extensively
with emphasis on verifying correctness of the rollover timelines. I
believe these are correct.
A remark:
4. Standby Keys, paragraph 6: Finally, in the Double-DS method of
rolling
On 24/07/2012 07:53, Matthijs Mekking wrote:
General comment: this is an improvement.
some comments and suggestions below
The state of the key frequently depends on the viewpoint, for example
zone may have key in active state but due to propagation delay some
validators may think the key is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/24/2012 03:59 PM, Paul Wouters wrote:
On Tue, 24 Jul 2012, Matthijs Mekking wrote:
But both descriptions may be valid at the same point in time. So
I would like to say the key can be Published and Active at the
same time.
2. A key can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/24/2012 05:11 PM, Joe Abley wrote:
On 2012-07-24, at 07:53, Matthijs Mekking wrote:
As you might know, I had this idea of unraveling key states.
Instead of having states that describe the overall state of the
key, we would have states
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Stephen asked me to send this suggestion we had (surfaced from
discussions) to the list. We would like to have input before the
upcoming IETF meeting.
Modification to the key states
==
As you might know, I had this
On Tue, 24 Jul 2012, Matthijs Mekking wrote:
But both descriptions may be valid at the same point in time. So I
would like to say the key can be Published and Active at the same time.
2. A key can have more than one state at a time.
I would not be in favour or using states where there is
On 2012-07-24, at 07:53, Matthijs Mekking wrote:
As you might know, I had this idea of unraveling key states. Instead
of having states that describe the overall state of the key, we would
have states for components of the key. How to divide the key into
components is based on the parts that
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations Working Group
of the IETF.
Title : DNSSEC Key Timing Considerations
Author(s) : Stephen Morris
After much delay, the -03 version of the key timing draft has been
submitted. It incorporates a number of comments made on-list and
privately: many thanks to Mark Lampo, Matthijs Mekking and Alfred
Hoenes.
Perhaps the most significant change concerns the timing considerations
related to the
10 matches
Mail list logo