This document summarizes a proposed RESTful protocol that would allow a third party DNS operator to maintain DNS and DNSSEC state in a parent zone. It describes how the protocol could be used to automate the bootstrapping and ongoing maintenance of DNSSEC, which could help increase DNSSEC adoption by making the process easier. The bootstrap process involves verifying ownership of the child zone by adding a random token record, then mirroring DNSKEY records or adding DS records, while maintenance involves updating records and having the parent zone operator add or remove DS records accordingly. A test implementation of the protocol is available on GitHub.