Document: draft-ietf-dnsop-multi-provider-dnssec-04
Reviewer: Pete Resnick
Review Date: 2020-03-31
Summary: Ready.
Good to go. A straightforward document easy enough for this non-expert to get.
Thanks to the shepherd for a straightforward writeup; it made the review even
easier.
Hi Pete,
Thanks for your review.
Major issues: None
Minor issues: None
Nits/editorial comments:
Just two comments, neither of them should stop progress on the document in any
way:
1. I could see this document being a BCP, since the advice in here seems pretty
prescriptive. I think it will still be perfectly useful as an Informational
document, but it does seem to have important operational advice.
When we first brought this work to DNSOP, I actually asked the same question.
The general consensus at that time was that since no-one had yet deployed
these models in production, it was probably premature to portray it as a BCP
(since the practice did not yet exist :-).
By now, we have had a number of prototype/test implementations, a
production implementation by one major DNS vendor, as well 2 others in
the pipeline. So there is more confidence that these models will be successfully
deployed.
The easiest course of action in my view is to push it out as Informational, and
as more operational experience is gained in the field, produce an updated
document as a BCP.
2. In section 3, it occurs to me that another thing you might add to the
problem list is the issue of some servers caching BAD Data. Paul Hoffman was
nice enough to point me to section 4.7 of RFC 4035. Perhaps a reference to
there from this document would be useful.
I'm pondering a bit more about what to do with this suggestion. I agree it might
be worth mentioning. Although I'm not sure there is any new behavior w.r.t. these
models that needs to be highlighted.
Again, take them for what they're worth. If you decide not to do either, I feel
the document could go forward as-is without a problem.
Thanks!
Shumon Huque
