On Wed, May 6, 2020 at 10:40 AM <internet-dra...@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Domain Name System Operations WG of the > IETF. > > Title : The DELEGATION_ONLY DNSKEY flag > Authors : Paul Wouters > Wes Hardaker > Filename : draft-ietf-dnsop-delegation-only-00.txt > Pages : 11 > Date : 2020-05-06 > > Abstract: > This document introduces a new DNSKEY flag called DELEGATION_ONLY > that indicates that the particular zone will never sign zone data > across a label. That is, every label (dot) underneath is considered > a zone cut and must have its own (signed) delegation. Additionally, > it indicates the zone is expecting its parent to never bypass or > override the zone. DNSSEC Validating Resolvers can use this flag to > mark any data that violates the DELEGATION_ONLY policy as BOGUS. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-delegation-only/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-dnsop-delegation-only-00 > https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-delegation-only-00 > >
Looks good to me. Minor note: 3.1. Affected parties and their roles "Validating Resolver: A validating that" -> "Validating Resolver: A validating resolver that" -- Bob Harold
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop