Reviewer: Yoav Nir
Review result: Has Issues

Hi.

I agree with what the draft says, and also with Barry Leiba's comments about terminology. Still, there are two things in the draft text that stood out as strange:

In the introduction, we have "DNSSEC [RFC9364] originally made extensive use of SHA-1 as a cryptographic verification algorithm ... Since then, multiple other signing algorithms with stronger cryptographic strength are now widely available..." RFC 9364 is from 2023. The algorithms in question (like SHA-256) did not pop up "since then". The extensive use of SHA-1 has been since RFC 3110 from 2001. I believe that should be the referenced document.

The other issue is with the security considerations section. It says, "This document reduces the risk that a zone cannot be validated due to lack of SHA-1 support in a validator". To me, that's an operational consideration - don't use this because many validations don't support it. The security consideration should be that RSA signatures with the SHA-1 hash are no longer considered secure (already stated in the introduction), and that is why validators are dropping it and why you, the implementer, should also drop it.