Skip to main content

Security Considerations for RFC5011 Publishers
draft-ietf-dnsop-rfc5011-security-considerations-13

Revision differences

Document history

Date Rev. By Action
2019-01-17
13 (System) Document has expired
2019-01-17
13 (System) IESG state changed to Dead from AD is watching
2018-07-20
13 Tim Wicinski ****
Currently did  not achieve enough comments to reach even rough consensus. 
****
2018-07-20
13 Tim Wicinski IETF WG state changed to Held by WG from Submitted to IESG for Publication
2018-07-16
13 Warren Kumari New version available: draft-ietf-dnsop-rfc5011-security-considerations-13.txt
2018-07-16
13 (System) New version approved
2018-07-16
13 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2018-07-16
13 Warren Kumari Uploaded new revision
2018-07-14
12 Adam Roach Taking out of the "publication requested" state, as the chairs and author have indicated that additional working-group input is required before AD evaluation is completed.
2018-07-14
12 Adam Roach IESG state changed to AD is watching from Publication Requested
2018-07-09
12 Warren Kumari Shepherding AD changed to Adam Roach
2018-07-06
12 Tim Wicinski
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated …
As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 February 2012.

This is the Shepherd write up for draft-ietf-dnsop-rfc5011-security-considerations

(1) The document is being presented as a Proposed Standard, though it also
claims to be updated RFC7583, which is published as  informational; and based on
the path the document took to reach consensus, it could easily be addressed
as Informational.

(2)

Technical Summary: 

    This document extends the RFC5011 DNSSEC Key Rollover Strategy with
    additional timing advice that must be followed by the publisher in to
    maintain security.

Working Group Summary:

    The Working Group had a very *rough* consenus on this draft. The document is
    designed to update the timing requirements of RFC5011 in performing key
    rollover. There were several reviews which the authors were able to resolve.
    However, the largest issue was with the author of RFC5011 who felt the math in
    this document was too complicated and did not add enough to RFC5011 to make it
    useful. 

    Despite this, the rest of the working group achieved consensus on this document.
    The chairs and this shpeherd felt it should be moved along, with these caveats
    spelled out explicitly.

Document Quality

    The document describes the timing requirements around updating the DNSSEC
    keys of the root.  This document has gone through several thorough reviews
    by several members of the root server community, and they were OK with the
    document.

Personnel

    Document Shepherd is Tim Wicinski and Area Director is currently Warren
    Kumari, but he is also one of the authors.

(3)  The document shepherd did several thorough reviews of this
document, both for content as well as editing issues. The shepherd feels it is
ready for publication, with the rough consensus caveat.

4) The document shepherd is more than satisfied with the depth and
breath of the reviews.

(5) It is the opinion of the document shepherd that this document does
not need broader reviews.

(6) The document shepherd has no specific concerns or issues with this
document.

(7) The authors have confirmed that there are no IPR disclosures that
need to be filed.

(8) No IPR disclosures have been filed for this document.

(9) The working group was able to come to consesus.  The one outlier was the
author of RFC5011, which this document is designed to be ab operational
companion document.  It is hard to accurately express the authors feelings, so
I will include a few links to help guide the IESG.

https://mailarchive.ietf.org/arch/msg/dnsop/p04PVo6g7MqduifWnrwIWJtIZRA
https://mailarchive.ietf.org/arch/msg/dnsop/zVXnwsojzdAhoC9T1Pfp_93HL3Q

It is the opinion of the document shepherd that given the conflicts in gathering
consensus, the Intended status should be Informational rather than Standards
Track.

(10) No one has threatened an appeal.

(11)  The Major nits here are 1) stating this document - which is listed as
Standards Track - updating an Informational RFC.  Also RFC 7583 and RFC7719 are
listed as normative.

(12) Document does not meet any required formal review criteria.

(13)  All references have been identified as either normative or
informative.

(14) There are not normative references that are holding up this
document.

(15) There are two downward normative references;  RFC7583 (which tihs document
discusses updating); and RFC7719 (which is current DNS Terminology document)

(16) This document wished to update RFC7583, though it is not marked in the
discussion.

(17) The IANA considerations section requests an update to the Resource
Record (RR) Types Registry to reference this document for one value.
This is consistent with the body of the document.

(18) There are no new IANA registries.
2018-07-06
12 Tim Wicinski Responsible AD changed to Warren Kumari
2018-07-06
12 Tim Wicinski IETF WG state changed to Submitted to IESG for Publication from Waiting for WG Chair Go-Ahead
2018-07-06
12 Tim Wicinski IESG state changed to Publication Requested
2018-07-06
12 Tim Wicinski IESG process started in state Publication Requested
2018-07-06
12 Tim Wicinski Changed document writeup
2018-04-18
12 Tim Wicinski IETF WG state changed to Waiting for WG Chair Go-Ahead from In WG Last Call
2018-03-23
12 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-12.txt
2018-03-23
12 (System) New version approved
2018-03-23
12 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2018-03-23
12 Wes Hardaker Uploaded new revision
2018-02-01
11 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-11.txt
2018-02-01
11 (System) New version approved
2018-02-01
11 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2018-02-01
11 Wes Hardaker Uploaded new revision
2017-12-19
10 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-10.txt
2017-12-19
10 (System) New version approved
2017-12-19
10 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-12-19
10 Wes Hardaker Uploaded new revision
2017-12-07
09 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-09.txt
2017-12-07
09 (System) New version approved
2017-12-07
09 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-12-07
09 Wes Hardaker Uploaded new revision
2017-11-29
08 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-08.txt
2017-11-29
08 (System) New version approved
2017-11-29
08 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-11-29
08 Wes Hardaker Uploaded new revision
2017-11-12
07 Tim Wicinski Added to session: IETF-100: dnsop  Mon-0930
2017-10-18
07 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-07.txt
2017-10-18
07 (System) New version approved
2017-10-18
07 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-10-18
07 Wes Hardaker Uploaded new revision
2017-10-18
06 Tim Wicinski Notification list changed to Tim Wicinski <tjw.ietf@gmail.com>
2017-10-18
06 Tim Wicinski Document shepherd changed to Tim Wicinski
2017-10-18
06 Tim Wicinski Changed consensus to Yes from Unknown
2017-10-18
06 Tim Wicinski Intended Status changed to Proposed Standard from None
2017-10-18
06 Tim Wicinski IETF WG state changed to In WG Last Call from WG Document
2017-10-16
06 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-06.txt
2017-10-16
06 (System) New version approved
2017-10-16
06 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-10-16
06 Wes Hardaker Uploaded new revision
2017-09-19
05 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-05.txt
2017-09-19
05 (System) New version approved
2017-09-19
05 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-09-19
05 Wes Hardaker Uploaded new revision
2017-09-13
04 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-04.txt
2017-09-13
04 (System) New version approved
2017-09-13
04 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-09-13
04 Wes Hardaker Uploaded new revision
2017-09-12
03 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-03.txt
2017-09-12
03 (System) New version approved
2017-09-12
03 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-09-12
03 Wes Hardaker Uploaded new revision
2017-06-27
02 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-02.txt
2017-06-27
02 (System) New version approved
2017-06-27
02 (System) Request for posting confirmation emailed to previous authors: Wesley Hardaker , Warren Kumari
2017-06-27
02 Wes Hardaker Uploaded new revision
2017-05-23
01 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-01.txt
2017-05-23
01 (System) New version approved
2017-05-23
01 (System) Request for posting confirmation emailed to previous authors: dnsop-chairs@ietf.org, Wesley Hardaker , Warren Kumari
2017-05-23
01 Wes Hardaker Uploaded new revision
2017-05-02
00 Tim Wicinski This document now replaces draft-hardaker-rfc5011-security-considerations instead of None
2017-04-04
00 Wes Hardaker New version available: draft-ietf-dnsop-rfc5011-security-considerations-00.txt
2017-04-04
00 (System) WG -00 approved
2017-04-03
00 Wes Hardaker Set submitter to "Wes Hardaker ", replaces to (none) and sent approval email to group chairs: dnsop-chairs@ietf.org
2017-04-03
00 Wes Hardaker Uploaded new revision