All The chairs have been looking at two different drafts discussing the use of using DNS NOTIFY to update DNSSEC information. The two drafts are:
https://datatracker.ietf.org/doc/html/draft-thomassen-dnsop-generalized-dns-notify-01 https://datatracker.ietf.org/doc/html/draft-dsawp-notify-00 Mr Thomassen's draft is a bit more ambitious than Mr. Levine's draft, but both appear to work on the problem space of DNSSEC update automation. The chairs are big fans of work around making DNSSEC deployment more operationally resilient. We have some questions for the WG - if DNSOP adopted one of these, would DNS server vendors implement it down the road? (We think so) The ICANN SSAC has been looking at this issue, so the ICANN meeting this coming week may be a good time for technical folks to discuss some of these ideas. Feedback Welcome thanks tim
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
