[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft-ietf-dnsext-dnssec-opt-in-05.txt

To: namedroppers@ops.ietf.org
Subject: draft-ietf-dnsext-dnssec-opt-in-05.txt
From: Roy Arends <roy@logmess.com>
Date: Fri, 28 Feb 2003 11:34:48 +0100 (CET)

We've sent draft-ietf-dnsext-dnssec-opt-in-05.txt off to the
Internet-Drafts administrator. This the URL for what we've sent in:

   http://www.logmess.com/~roy/draft-ietf-dnsext-dnssec-opt-in-05.txt

The following are changes suggested by WG as per version 04:

      Added definitions for "signed name" and "unsigned name".

      Added text to make it clear that insecure delegations may have
      Opt-In NXT records of the same name.  Updated the example to have
      one of these.

      Changed Server-side requirements from MUST NOT to SHOULD NOT and
      added some basic description of what action to take in the face of
      violating the delegation-only restriction.

      Relaxed requirement that servers drop negative wildcard proof from
      MUST to MAY, reiterated the client requirement.

      Added section on Dynamic Update declaring it to be undefined wrt
      Opt-In.

      Essentially rewrote the "Security Considerations" section. It does
      not actually say anything different, but hopefully it says it in a
      clearer fashion.

      Split references into Normative and Informative.

      Fixed the example zone and responses to match Delegation Signer.

Roy

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Prev by Date: Re: Poison in a zone
Next by Date: Re: DNSEXT WGLC: DNSSEC Opt-in Process
Previous by thread: DNSEXT WGLC: DNSSEC Opt-in Process
Next by thread: clarity on wildcards
Index(es):
- Date
- Thread