Re: ipseckey (fwd)

[Thomas Narten <narten@us.ibm.com>]

> The scope of work is to identify what information is needed in an
> IPSEC-specific keying resource record. The content of the resource
> record are not limited to only the information that is in the DNS
> KEY record but may also contain useful IPSEC information information,
> such as that which is required for Opportunistic Encryption. Other
> possible uses are out of scope for this working group, since any
> reuse will require a careful analysis of the trust model and possible
> security interactions with IPsec.

Note: above seems to say scope of work is limited to defining  what
information would be needed in such an RR, but not actually define the
bits in the RR itself. But the milestones, suggest otherwise.

The contents of the RR itself needs to (somehow) be defined in tandem
with the dnsext WG. I would not suggest that this WG wait until it is
done and ready for IETF LC before dnsext is brought in. More words in
the charter along these lines might be good.

>    MAR 03       Solicit various proposals on what information is needed in 
>                 IPSEC specific KEYing record

Sounds like requirements gathering/problem determination. Good.
> 
>    APR 03       Publish first Internet-Draft of consensus DNS Resource 
>                 Record

This is the format of the RR.

>    MAY 03       Complete WG Last Call on consensus DNS RR proposal document 
>                 and pass document to IESG for consideration as a Proposed 
>                 Standard 

nits:

> The scope of work is to identify what information is needed in an
> IPSEC-specific keying resource record. The content of the resource
> record are not limited to only the information that is in the DNS

s/are/is/
> KEY record but may also contain useful IPSEC information information,

double word.

Thomas