X-Scanned-BY: MIMEDefang 2.68 on 10.5.11.23
CC: Tomas Hozza <thozza@redhat.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.0
content-type: text/plain; charset="utf-8"; format="flowed"
Message-ID: <53428B8B.7060303@redhat.com>
Organization: Red Hat
Received: from mx.ams1.isc.org (mx.ams1.isc.org [199.6.1.65]) by bugs.isc.org (Postfix) with ESMTP id 2E6F32D20051 for <bind-suggest@bugs.isc.org>; Mon,  7 Apr 2014 11:27:20 +0000 (UTC)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.ams1.isc.org (Postfix) with ESMTP id 696212383C7 for <bind-suggest@isc.org>; Mon,  7 Apr 2014 11:27:10 +0000 (UTC) (envelope-from pspacek@redhat.com)
Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s37BR8uR009570 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <bind-suggest@isc.org>; Mon, 7 Apr 2014 07:27:09 -0400
Received: from pspacek.brq.redhat.com (pspacek.brq.redhat.com [10.34.4.156]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id s37BR6vU009551 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 7 Apr 2014 07:27:08 -0400
Delivered-To: bind-suggest@bugs.isc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
Subject: Support for draft-ietf-dnsop-delegation-trust-maintainance ?
Return-Path: <pspacek@redhat.com>
X-Original-To: bind-suggest@bugs.isc.org
Date: Mon, 07 Apr 2014 13:27:07 +0200
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mx.ams1.isc.org
To: bind-suggest@isc.org
Content-Transfer-Encoding: 7bit
From: Petr Spacek <pspacek@redhat.com>
X-RT-Original-Encoding: ISO-8859-1
Content-Length: 645

Hello,

I would like to know if you are planning to support
http://tools.ietf.org/html/draft-ietf-dnsop-delegation-trust-maintainance-03
in a near future.

It seems that sections 3 and 5 are stable and rest of the draft seems to be 
not very interesting for DNS servers.

I wonder if you can:
- add support for CDS and CDNSKEY records
- add a switch (for in-line signing and dnssec-signzone) "always copy all 
DNSKEY records to CDNSKEY records and also to CDS records".

IMHO this behavior is allowed:
http://tools.ietf.org/html/draft-ietf-dnsop-delegation-trust-maintainance-03#section-5

Thank you for your time.

-- 
Petr Spacek  @  Red Hat