Reviewer: Benson Muite Review result: Ready with Nits I am an assigned INT directorate reviewer for <draft-ietf-dnsop-dnssec-bootstrapping-08.txt>. These comments were written primarily for the benefit of the Internet Area Directors. Document editors and shepherd(s) should treat these comments just like they would treat comments from any other IETF contributors and resolve them along with any other Last Call comments that have been received. For more details on the INT Directorate, see https://datatracker.ietf.org/group/intdir/about/ . Based on my review, if I was on the IESG I would ballot this document as YES. SUMMARY: The draft proposes a mechanism to enable automated initial validation of child subdomain CDS/CDNSKEY records when an out of balliwick name server is available and when the child zone name is not too long. SUGGESTIONS FOR IMPROVEMENT: 1. May want to minimize number of acronyms in the abstract, for example DS (Delegation Signer), CDS (Child DS) and CDNSKEY (Child Domain Name System public key) 2. Too long is not specified though is mentioned in section 4.4 - could more details be given and do deprecated out of band methods need to be used in such cases? Any estimates on how often too long names might occur? 3. Will there be a follow on informational best practice document based on operational experiences? Benson -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
