Perfect, thanks Paul. On Wed, Aug 3, 2022, 07:50 Paul Hoffman <paul.hoff...@icann.org> wrote:
> On Aug 3, 2022, at 6:48 AM, Gavin McCullagh <gmccull...@gmail.com> wrote: > > > > > > > Nonetheless, the significant deployment of > > > DNSSEC within some top-level domains (TLDs), and the near-universal > > > deployment of DNSSEC in the TLDs, demonstrate that DNSSEC is suitable > > > for implementation by both ordinary and highly sophisticated domain > > > owners. > > > > Maybe it's my lack of dns inside baseball terminology > > Nope; it was just my unclear writing. > > > but I found the hard distinction between "within" and "in" a bit > confusing here and had to re-read to grok what was meant. It might be > clearer to contrast e.g. "at the TLDs" with "below/within some TLDs" to > bring out the distinction. > > Proposed fix: > > Nonetheless, the significant deployment of DNSSEC beneath some top-level > domains (TLDs), > and the near-universal deployment of DNSSEC for the TLDs in the DNS root > zone, > > > > > > * [RFC7344] describes using the CDS and CDNSKEY resource records to > > > help automate the creation of DS records in the parents of signed > > > zones. > > > > The term used in the RFC is "maintenance" as opposed to "creation" which > seems more precise, given that CDS does not directly address initial > creation of a DS. > > Good catch! Fixed. > > --Paul Hoffman
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
