"This draft should reiterate the requirement that with certificate
usage DANE-TA(2), the server MUST include the trust-anchor certificate
in its certificate message even if that trust-anchor is self-signed
(root CAs are NOT optional with DANE-TA(2))."
This is discussed in the DANE-OPS document, and we can have a pointer to it. I'm not convinced that it needs to be discussed additionally in the text of this draft.
From Viktor:
"This draft should reiterate the requirement that with certificate usage DANE-TA(2), the server MUST include the trust-anchor certificate in its certificate message even if that trust-anchor is self-signed (root CAs are NOT optional with DANE-TA(2))."