draft-ietf-dnsext-dnssec-bis-updates-02.txt   draft-ietf-dnsext-dnssec-bis-updates-03.txt 
Network Working Group S. Weiler Network Working Group S. Weiler
Internet-Draft SPARTA, Inc Internet-Draft SPARTA, Inc
Updates: 4034, 4035 (if approved) R. Austein Updates: 4034, 4035 (if approved) R. Austein
Expires: July 15, 2006 ISC Expires: December 28, 2006 ISC
January 11, 2006 June 26, 2006
Clarifications and Implementation Notes for DNSSECbis Clarifications and Implementation Notes for DNSSECbis
draft-ietf-dnsext-dnssec-bis-updates-02 draft-ietf-dnsext-dnssec-bis-updates-03
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 35 skipping to change at page 1, line 35
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on July 15, 2006. This Internet-Draft will expire on December 28, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The Internet Society (2006).
Abstract Abstract
This document is a collection of minor technical clarifications to This document is a collection of minor technical clarifications to
the DNSSECbis document set. It is meant to serve as a resource to the DNSSECbis document set. It is meant to serve as a resource to
implementors as well as an interim repository of possible DNSSECbis implementors as well as an interim repository of DNSSECbis errata.
errata.
Proposed additions in future versions Proposed additions in future versions
An index sorted by the section of DNSSECbis being clarified. An index sorted by the section of DNSSECbis being clarified.
A list of proposed protocol changes being made in other documents, A list of proposed protocol changes being made in other documents,
such as [I-D.ietf-dnsext-dnssec-online-signing] and [I-D.ietf-dnsext- such as [RFC4470] and [I-D.ietf-dnsext-nsec3]. This document would
nsec3]. This document would not make those changes, merely provide not make those changes, merely provide an index into the documents
an index into the documents that are making changes. that are making changes.
Changes between -02 and -03
Updated references.
Changes between -01 and -02 Changes between -01 and -02
Added Section 4.4. Added Section 4.4.
Changes between -00 and -01 Changes between -00 and -01
Document significantly restructured. Document significantly restructured.
Added Section 2.3. Added Section 2.3.
skipping to change at page 9, line 23 skipping to change at page 9, line 23
preserving the security properties DNSSEC offers. Furthermore, preserving the security properties DNSSEC offers. Furthermore,
failure to address some of the interoperability concerns in Section 3 failure to address some of the interoperability concerns in Section 3
could limit the ability to later change or expand DNSSEC, including could limit the ability to later change or expand DNSSEC, including
by adding new algorithms. by adding new algorithms.
7. References 7. References
7.1. Normative References 7.1. Normative References
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", [RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
RFC 1034, STD 13, November 1987. STD 13, RFC 1034, November 1987.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, BCP 14, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "DNS Security Introduction and Requirements", Rose, "DNS Security Introduction and Requirements",
RFC 4033, March 2005. RFC 4033, March 2005.
[RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S. [RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "Resource Records for the DNS Security Extensions", Rose, "Resource Records for the DNS Security Extensions",
RFC 4034, March 2005. RFC 4034, March 2005.
[RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S. [RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S.
Rose, "Protocol Modifications for the DNS Security Rose, "Protocol Modifications for the DNS Security
Extensions", RFC 4035, March 2005. Extensions", RFC 4035, March 2005.
7.2. Informative References 7.2. Informative References
[I-D.ietf-dnsext-dnssec-experiments] [I-D.ietf-dnsext-dnssec-experiments]
Blacka, D., "DNSSEC Experiments", Blacka, D., "DNSSEC Experiments",
draft-ietf-dnsext-dnssec-experiments-01 (work in draft-ietf-dnsext-dnssec-experiments-03 (work in
progress), July 2005. progress), April 2006.
[I-D.ietf-dnsext-dnssec-online-signing]
Weiler, S. and J. Ihren, "Minimally Covering NSEC Records
and DNSSEC On-line Signing",
draft-ietf-dnsext-dnssec-online-signing-01 (work in
progress), January 2006.
[I-D.ietf-dnsext-nsec3] [I-D.ietf-dnsext-nsec3]
Laurie, B., "DNSSEC Hash Authenticated Denial of Laurie, B., "DNSSEC Hashed Authenticated Denial of
Existence", draft-ietf-dnsext-nsec3-03 (work in progress), Existence", draft-ietf-dnsext-nsec3-05 (work in progress),
October 2005. May 2006.
[I-D.ietf-dnsop-dnssec-operational-practices] [I-D.ietf-dnsop-dnssec-operational-practices]
Gieben, R. and O. Kolkman, "DNSSEC Operational Practices", Gieben, R. and O. Kolkman, "DNSSEC Operational Practices",
draft-ietf-dnsop-dnssec-operational-practices-06 (work in draft-ietf-dnsop-dnssec-operational-practices-08 (work in
progress), October 2005. progress), March 2006.
[RFC3597] Gustafsson, A., "Handling of Unknown DNS Resource Record [RFC3597] Gustafsson, A., "Handling of Unknown DNS Resource Record
(RR) Types", RFC 3597, September 2003. (RR) Types", RFC 3597, September 2003.
[RFC4470] Weiler, S. and J. Ihren, "Minimally Covering NSEC Records
and DNSSEC On-line Signing", RFC 4470, April 2006.
Appendix A. Acknowledgments Appendix A. Acknowledgments
The editors are extremely grateful to those who, in addition to The editors are extremely grateful to those who, in addition to
finding errors and omissions in the DNSSECbis document set, have finding errors and omissions in the DNSSECbis document set, have
provided text suitable for inclusion in this document. provided text suitable for inclusion in this document.
The lack of specificity about handling private algorithms, as The lack of specificity about handling private algorithms, as
described in Section 3.2, and the lack of specificity in handling ANY described in Section 3.2, and the lack of specificity in handling ANY
queries, as described in Section 2.3, were discovered by David queries, as described in Section 2.3, were discovered by David
Blacka. Blacka.
skipping to change at page 11, line 9 skipping to change at page 11, line 9
also contributed text for Section 4.3 of this document. also contributed text for Section 4.3 of this document.
The editors would like to thank Danny Mayer, Olafur Gudmundsson, and The editors would like to thank Danny Mayer, Olafur Gudmundsson, and
Scott Rose for their substantive comments on the text of this Scott Rose for their substantive comments on the text of this
document. document.
Authors' Addresses Authors' Addresses
Samuel Weiler Samuel Weiler
SPARTA, Inc SPARTA, Inc
7075 Samuel Morse Drive 7110 Samuel Morse Drive
Columbia, Maryland 21046 Columbia, Maryland 21046
US US
Email: weiler@tislabs.com Email: weiler@tislabs.com
Rob Austein Rob Austein
ISC ISC
950 Charter Street 950 Charter Street
Redwood City, CA 94063 Redwood City, CA 94063
USA USA
 End of changes. 12 change blocks. 
25 lines changed or deleted 25 lines changed or added

This html diff was produced by rfcdiff 1.32. The latest version is available from http://www.levkowetz.com/ietf/tools/rfcdiff/