George Michaelson <ggm@xxxxxxxxxxxx> writes: > are you saying you want one document? they appear to do slightly different things. One signals DS/DNSKEY update and nothing > else. The other has a flagword capable notation and signals intent about immediacy or SOA timed change, in and out of > baliwick, and the NS list. > > I could imagine a net win by the authors banging this into one > document. YMMV This was heavily discussed in the WG meetings. The authors actually don't want them to be merged (and this was the result of the long WG consensus too). One deals with the security implications of the security specific bootstrapping records (the DNSKEY and DS record), and the other *requires* the use of that record to be already operationally complete. The delegation-trust-maintainance document also requires a different security evaluation when performing the record authorization. I.E., the CDS record must be signed by the SEP key (KSK), not just any-old non-SEP key (a ZSK). The child-synchronization draft doesn't require this to be true. So though it *looks* like the problems are similar, there are a bunch of underpinnings that make them rather different. Hence the reason we don't think it's wise to merge them, as it'll actually make it problematic from a writing and reading perspective: processing of the records is quite different (and needs to be). -- Wes Hardaker Parsons