Wiki Navigation

To Do List for Post Work Shop

Create HOWTOs for NSEC3-enabled programs and utils

Develop short and long NSEC3 presentations
- Short (10-15 minute) presentation for DNSSEC non-specialists
- Long (30-60 minute) presentation for DNSSEC experts
  - Incorporating review of issues list

Open Issues
- Dynamic update
- Auth server behaviour in presence of unknown NSEC3 hash algorithm
- Incomplete NSEC3 chains
- NSEC / NSEC3 coexistence in the same zone
- NSEC / NSEC3 "signalling"
- Partial opt-out zones (zones containing opt-out and non-opt-out zones)
- "Potential WCs" MUST NOT collide (signers may or may not check)
- Add hash length in NSEC3 RDATA
- (Non-)existence of NSEC3-owned names? (i.e. NSEC3 RRs do not exist.)
- Opt-out isn't enforceable - write in draft?

Download in other formats:

Plain Text