[Working on past history clean-ups] FYI, a number of people have been asking about this draft and whether it should be at least republished with the most recent set of suggested changes. So I'm doing so. I'll leave it up to the WG about whether it should ever be an RFC or not.
[if you want to search the archives, it was about 4 years ago where 3 people begrudgingly said it is probably important to publish something like this, as people are actually doing it.] -------------------- Start of forwarded message -------------------- A new version of Internet-Draft draft-hardaker-dnsop-intentionally-temporary-insec-02.txt has been successfully submitted by Wes Hardaker and posted to the IETF repository. Name: draft-hardaker-dnsop-intentionally-temporary-insec Revision: 02 Title: Intentionally Temporarily Degraded or Insecure Date: 2026-01-05 Group: Individual Submission Pages: 8 URL: https://www.ietf.org/archive/id/draft-hardaker-dnsop-intentionally-temporary-insec-02.txt Status: https://datatracker.ietf.org/doc/draft-hardaker-dnsop-intentionally-temporary-insec/ HTML: https://www.ietf.org/archive/id/draft-hardaker-dnsop-intentionally-temporary-insec-02.html HTMLized: https://datatracker.ietf.org/doc/html/draft-hardaker-dnsop-intentionally-temporary-insec Diff: https://author-tools.ietf.org/iddiff?url2=draft-hardaker-dnsop-intentionally-temporary-insec-02 Abstract: Performing DNSKEY algorithm transitions with DNSSEC signing is unfortunately challenging to get right in practice without decent tooling support. This document weighs the correct, completely secure way of rolling keys against an alternate, significantly simplified, method that takes a zone through an insecure state first. The IETF Secretariat -------------------- End of forwarded message -------------------- -- Wes Hardaker Google _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
