The IESG has approved the following document: - 'DNSSEC Opt-In ' <draft-ietf-dnsext-dnssec-opt-in-09.txt> as an Experimental RFC This document is the product of the DNS Extensions Working Group. The IESG contact persons are Mark Townsley and Jari Arkko. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-opt-in-09.txt Technical Summary opt-in is a method to disable the authenticated denial of existence for a range of domain names in a zone. It has been developed to generate a sparse set of NSEC RRs in a zone that contains mostly delegations i.e. to opt-in the secure delegations. The span of delegations for which authenticated denial is not available is still indicated using an NSEC resource record. 'NSEC-bit' in the type bitmap of the NSEC RDATA is used to signal the different semantic of the opt-in type NSEC RR. opt-in is a methodology that is backwards incompatible with DNSSEC; in order to perform a trial the methodology described in draft-ietf-dnsext-dnssec-experiments is applied. Working Group Summary A couple of years ago this document had thourough technical review around 2002. This version of the document has been slightly updated to reflect changes to DNSSEC since 2002 and to turn it into an experiment of the form described in draft-ietf-dnsext-dnssec-experiments. During the development of the OPT-IN spec before and in 2002 there has been in depth review and feedback by several core members of the working group. At that time the consensus was that the document was technologically solid but there was no consent the mechanism. This time around the views of many folk have changed and they do not have any problems with the OPT-IN technology going forward as an experiment. The same functionality is introduced work currently in DNSEXT NSEC3. Document Quality The document has been reviewed by Scott Rose (http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00316.html) Mark Kosters (http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00309.html, he is one of the initial editors) Rodney Joffe (http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00335.html) and dnsext chair Olaf Kolkman. There has been some discussion after we advanced the document in which it became clear that Ed Lewis also reviewed the document and supported experimental status. (http://ops.ietf.org/lists/namedroppers/namedroppers.2006/msg00902.html) _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
