Document: draft-ietf-dnsext-trustupdate-timers-05.txt Title: Automated Updates of DNSSEC Trust Anchors Reviewer: Vijay K. Gurbani Review Date: January 26, 2007 IETF LC date: January 29, 2007 Summary: This draft is basically ready for publication, but has nits that should be fixed before publication. This document describes a mechanism where a resolver can update the trust anchors (= name + key) for a given trust point in an automated fashion. Substantive comments below, followed by nits: * The last paragraph of S2.1 appears to point to an example in S2.2. If so, it may be best to move that paragraph into S2.2. * In S2.3, it may be helpful to derive an equation in the first paragraph, much as done in the second paragraph. This will help implementors tremendously. I think the appropriate equation should be as follows (please do double-check): queryInterval = MIN (1 hr, MIN(15 days, 1/2*OrigTTL, 1/2*RRSIGExpirationInterval)) * Need body for the reference [msj2]. * I note that this document is an Informational, but it contains IANA considerations. I am not up to speed on IETF regulations about whether Informationals can contain IANA considerations or not... Nits: * S1, third paragraph: s/manage this many/manage these many s/herein/here s/e.g. Consider/e.g., consider * S1, fourth paragraph: s/they should be/these should be * S2, first paragraph: s/see [RFC4034]section/see [RFC4034] section * S2.3, first paragraph: s/(e.g. do a/(e.g., do a * S4.2, first paragraph: s/(e.g. KeyRem/(e.g., KeyRem