The IESG has approved the following document: - 'Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC)' (draft-ietf-dnsop-edns-key-tag-05.txt) as Proposed Standard This document is the product of the Domain Name System Operations Working Group. The IESG contact persons are Benoit Claise and Joel Jaeggli. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-dnsop-edns-key-tag/ Technical Summary This document specifies two different ways for validating DNS resolvers to signal to a server which DNSSEC keys are referenced in their chain-of- trust. The data from such signaling allow zone administrators to monitor the progress of rollovers in a DNSSEC-signed zone. This document describes two independent methods for validating resolvers to publish their referenced keys: an EDNS option and a different DNS query. Working Group Summary The working group was in strong consensus behind this document. One thing which did emerge was that there was a division over two methods for publishihng the keys (EDNS option vs a DNS query). It turned out that each method had its positives and its negatives. The consensus from the working group was to offer both alternatives, documents the flaws in each. Document Quality The document shepherd did a deep dive on the document for technical correctness, as well as an editorial pass for grammar and diction. The shepherd feels this document is ready for publication. (4) Personnel Tim Wickinski is the document shpeherd, Joel Jaeggli is the Area Director
