[dnssec-key-tf] Proposed Mesage to IANA
Daniel Karrenberg
Wed Apr 16 13:34:55 CEST 2008
On 16.04 12:10, Jim Reid wrote: > > . > >[3] The TAR should somehow verify the keying material it's given > >before publishing or storing it. There should also be a secure channel > >for authenticating the TAR and any data it's publishing. > > > >Comment: We assume this is SOP for TLD requests and would be > >implemented > >here also. > > I'd like to know this rather than assume it was SOP. At the moment > Daniel, not all TLD requests involve something we'd recognise as a > secure channel. Though I understand this is one of the many things Kim > has in the pipeline. I understand the intention and agree with it. Channels or TLD reuests need to be improved. However we have to be careful not to cause delays and friction by mixing things. Our comment should not be interpreted to require a special process. I'll think up tet saying this. > >[11] The TAR should only publish keying material with the consent of > > the respective key manager. > > > >Comment: we believe that is SOP and part of the proposa. > > Again, I'd like to know that rather than assume it. I'll leave out the comment. > Er, it's news to me that I chair the TF. :-) I didn't think we had > one. However it says this on the web site, so it must be true. :-) Of course it is! > My personal preference here would be for the TF to reach consensus and > have that endorsed by the DNS WG. And then the WG sends something on > behalf of the RIPE community to ICANN. We set up the TF because the WG > was evenly divided, so I would be more comfortable if the WG supported > the draft rather than the TF. Fine with me. Lets reach consensus here, send it to the DB WG, allow a *few* days for discussion and send it on. If we wait until Berlin it will be overtaken by events. New draft coming soon. Daniel