On 9 Jun 2015, at 8:58, The IESG wrote:
> The IESG has received a request from the Domain Name System Operations WG
> (dnsop) to consider the following document:
> - 'Definition and Use of DNSSEC Negative Trust Anchors'
> <draft-ietf-dnsop-negative-trust-anchors-10.txt> as Informational RFC
I have read this document. The topic under discussion is a useful one, it is described clearly and well, and I support this document proceeding. I have some minor suggestions for improvement, but nothing substantial.
In section 1, the document uses normative-sounding language ("should not") and seems to direct the IANA not to do something. The normative-sounding direction is further extended to all other organisations. I understand the intent here, but the advice seems a little jarring; any IETF document can provide advice and recommendations without enforcement (informational documents arguably more so). Perhaps this could be rephrased to make it clear that the document is providing recommendations about how to implement and manage negative trust anchors rather than laying down the law.
In section 1.2 the document refers to a "domain administrator", when in the context of DNSSEC I think it means a "zone administrator".
In section 7 the document refers to "dnscheck", which I understand is no longer being maintained and has been replaced with "zonemaster". See <http://www.zonemaster.fr>, for example.
JoeAttachment:
signature.asc
Description: OpenPGP digital signature