Re: [DNSOP] Call for Adoption for draft-wessels-edns-key-tag

Whoops, I thought I'd already responded to this, but apparently not... On Sat, Nov 28, 2015 at 7:45 AM Tim Wicinski wrote: > > This starts a Call for Adoption for draft-wessels-edns-key-tag > > The draft is available here: >

Re: [DNSOP] Call for Adoption for draft-wessels-edns-key-tag

Hi Mark, > On Nov 29, 2015, at 6:55 PM, Mark Andrews wrote: > > > > Some feedback with respect to installed trust anchors is needed. > > Whether this is the correct solution I'm not sure. It requires > updating all resolvers in the resolution path to both cache and > relay

Re: [DNSOP] Call for Adoption for draft-wessels-edns-key-tag

On Mon, Nov 30, 2015 at 05:29:53PM +, Wessels, Duane wrote: > As I've said a number of times before, the edns-key-tag proposal is modelled > after RFC 6975, which does the same thing for algorithms. If it works for > algorithms why wouldn't it work for key tags? Does it work? Has anyone

Re: [DNSOP] Call for Adoption for draft-wessels-edns-key-tag

All, I think this is a nice approach for gaining confidence in a rollover of a key that acts as a trust anchor. It can even be used to detect validators that have missed the rollover. I would however be cautious with using the information as an event trigger. The draft says The goal of these

Re: [DNSOP] Call for Adoption for draft-wessels-edns-key-tag

Some feedback with respect to installed trust anchors is needed. Whether this is the correct solution I'm not sure. It requires updating all resolvers in the resolution path to both cache and relay tags. The same can be achieved by encoding the tags into qnames/qtypes without needing the

[DNSOP] Call for Adoption for draft-wessels-edns-key-tag

This starts a Call for Adoption for draft-wessels-edns-key-tag The draft is available here: https://datatracker.ietf.org/doc/draft-wessels-edns-key-tag/ There was unanimous support this during the meeting in Yokohama, so this is more of a formality, unless we hear strong negative reaction.