Dear DNSOP,
This new revision addresses all feedback collected since October 2025. Here is
an overview of the changes:
- Clarify continuity of validation (in Section 2)
- In RRR model, clarify that registries should not bootstrap if registrar has
no deactivation interface (or if registrar does the automation)
- Fold CDS/CDNSKEY consistency requirements (Section 6) into Section 2 (on
acceptance checks)
- Add Appendix B with recommendations overview
- Change document type to BCP
- Remove Appendix C ("Approaches not pursued")
- Minor editorial changes
The document has been very widely circulated during its development, undergoing
reviews and incorporating associated feedback from the following occasions:
- IETF 123 (07/2025, Madrid)
- ICANN CPH TechOps (08/2025)
- APTLD 88 (09/2025, Belgrade)
- Registry Operations Workshop (ROW14, 09/2025)
- CENTR Tech 53 (10/2025)
- DNS OARC 45 (10/2025, Stockholm)
- ICANN 84 (10/2025, Dublin)
- IETF 124 (11/2025)
On these occasions, the draft has generally generated positive feedback.
Additional reviews were conducted by IANA (Kim) and members of the ICANN
ASO/NRO.
Presentations at ICANN involved Tech Day, the DNSSEC and Security Workshop,
plus various individual interactions with registry and registrar stakeholder
groups. DNS OARC 45 involved a quite productive workshop held the day before,
attended by about 10 people. -- Thanks to everyone attending, and also everyone
else who provided feedback on the list or some other way!
As a result of this unusually wide review and strong community support, the
authors believe that this document now represents the best current
understanding of how to implement DS automation. The document type has hence
been changed to BCP.
The authors believe this document is now ready, and would like to request WLGC.
Best,
Steve & Peter
On 1/10/26 00:06, [email protected] wrote:
Internet-Draft draft-ietf-dnsop-ds-automation-02.txt is now available. It is a
work item of the Domain Name System Operations (DNSOP) WG of the IETF.
Title: Operational Recommendations for DS Automation
Authors: Steve Sheng
Peter Thomassen
Name: draft-ietf-dnsop-ds-automation-02.txt
Pages: 24
Dates: 2026-01-09
Abstract:
Enabling support for automatic acceptance of DS parameters from the
Child DNS operator (via RFCs 7344, 8078, 9615) requires the parent
operator, often a registry or registrar, to make a number of
technical decisions. This document describes recommendations for new
deployments of such DS automation.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ds-automation/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-dnsop-ds-automation-02.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-dnsop-ds-automation-02
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
--
Like our community service? 💛
Please consider donating at
https://desec.io/
deSEC e.V.
Möckernstraße 74
10965 Berlin
Germany
Vorstandsvorsitz: Nils Wisiol
Registergericht: AG Berlin (Charlottenburg) VR 37525
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
