/
Rec 1A: RZERC002 - CLOSED
Rec 1A: RZERC002 - CLOSED
- Charla Shambley
Owned by Charla Shambley
Recommendations Regarding Signing Root Zone Name Server Data (R-1A)
| Date Issued | Document | Reference ID | Current Phase |
|---|---|---|---|
| Recommendations Regarding Signing Root Zone Name Server Data (R-1A) | RZERC002 | CLOSED |
Description:
The RZERC recommends that ICANN org conduct the further studies called for in Recommendation 2 of RSSAC028 and focus on these aspects of the research: Revisit the options and consequences of having signed root zone name server data.
STATUS UPDATES
| Date | Phase | Type | Status Updates |
|---|---|---|---|
| Closed | Phase Change | This Advice Item is now Closed | |
| Phase 5 | Phase Update | Based on the understanding of the Advice, this item is considered complete. | |
| Phase 5 | Phase Change | Now in Phase 5 | |
| Phase 2 | AP Feedback | RZERC confirmation of understanding. |
| Phase 2 | Phase Update | Sent updated understanding to AP for review. |
| Phase 2 | Board Understanding | ICANN org understands this recommendation to be a request from RZERC for the org to complete the work specified in RSSAC028, and that RZERC is not requesting any additional work beyond that specified in RSSAC028. As this item contains no new action for the ICANN Board, the item will be considered closed. The RZERC can monitor progress of RSSAC028 by accessing the Root Server System Advisory Committee (RSSAC) Advice Status page (https://features.icann.org/board-advice/rssac). |
| Phase 2 | AP Feedback | In RZERC002, the RZERC was acknowledging that the work requested in RSSAC028 has not been completed and that the RZERC believes that the results of the work requested in RSSAC028 would be helpful in informing changes recommended to the Root Zone. As such, the RZERC would defer questions about terminology to the RSSAC. |
| Phase 2 | Phase Update | Understandings sent to RZERC. |
| Phase 2 | Board Understanding | ICANN org understands this to be a request to revisit the options and consequences of having signed root zone name server data called for in RSSAC028, specifically to: • Identify acceptable response size (beyond the default UDP packet size) for priming queries. ICANN org understands “acceptable” in this context to mean “with minimal risk of IP fragmentation”; • Document how different resolver software responds when answers contain a reduced set of glue records. ICANN org understands “different resolver software” to mean all supported-by-the vendor versions of BIND, Unbound, Power DNS Resolver, Knot Resolver, Microsoft DNS, and dnsmasq. ICANN org understands “a reduced set of glue records” to mean from one glue record to the full set of glue records; • How current resolver implementations behave if they set the “DNSSEC OK” (DO) bit to 1 in their priming queries, such as if they validate the response and, if so, how they handle a bogus response. ICANN org understands “current resolver implementations” to be the same set as “different resolver software”; • How search lists being used by resolvers might be relevant; and • Research practical obstacles faced by signing root zone name server data as input into the development of a proposed transition plan. |
| Phase 2 | Phase Change | Now in Phase 2 | |
| Phase 1 | Phase Update | Acknowledgement sent to RZERC. |
| Phase 1 | Phase Update | RZERC published RZERC002: Recommendations Regarding Signing Root Zone Name Server Data: https://www.icann.org/uploads/ckeditor/rzerc-002-en.pdf. |