The IESG has approved the following document: - 'Usage and (D)TLS Profiles for DNS-over-(D)TLS' (draft-ietf-dprive-dtls-and-tls-profiles-11.txt) as Proposed Standard This document is the product of the DNS PRIVate Exchange Working Group. The IESG contact persons are Suresh Krishnan and Terry Manderson. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-dprive-dtls-and-tls-profiles/ Technical Summary This document discusses Usage Profiles, based on one or more authentication mechanisms, which can be used for DNS over Transport Layer Security (TLS) or Datagram TLS (DTLS). This document also specifies new authentication mechanisms - it describes several ways a DNS client can use an authentication domain name to authenticate a DNS server. Additionally, it defines (D)TLS profiles for DNS clients and servers implementing DNS-over-(D)TLS. Working Group Summary The working group spent much time working through all the different authentication mechanisms, primarily making sure that the DNS-over-TLS and DNS-over-DTLS profiles were accurate, which were held up waiting for the DNS-over-DTLS draft to be moved forward. Document Quality Document is of good quality. It has been through both normative review as well as editorial review and the shepherd feels it is worthy of publishing. Personnel Document Shepherd: Tim Wicinski Area Director: Terry Manderson
