Russ,

Sorry, but what kind of options? Looking at my keyboard, I can't tell whether you meant to type "available" or "avoidable"...

-- Eric

--> -----Original Message-----
--> From: ietf-bounces@xxxxxxxx [mailto:ietf-bounces@xxxxxxxx]
--> On Behalf Of Russ Housley
--> Sent: Tuesday, November 29, 2005 5:08 PM
--> To: Sam Hartman
--> Cc: ietf@xxxxxxxx; smb@xxxxxxxxxxxxxxx
--> Subject: Re: DHCID and the use of MD5
-->
--> Sam:
-->
--> Perhaps I was being too terse. I think we are in agreement about the
--> most important parts. I was trying to say that once you are forced
--> to deploy new code, protocol changes and algorithm changes are both
--> avaioable options.
-->
--> Russ
-->
-->
--> At 12:51 PM 11/29/2005, Sam Hartman wrote:
--> > >>>>> "Russ" == Russ Housley <housley@xxxxxxxxxxxx> writes:
--> >
--> >     Russ> At 11:44 AM 11/29/2005, Sam Hartman wrote:
--> >     >> Honestly though the authors seem more upset about agility than
--> >     >> about md5. I think we're certain we want agility.
--> >
--> >     Russ> There are two kinds of algorithm agility: - build it into
--> >     Russ> the protocol - update the protocol each time you want to use
--> >     Russ> a new algorithm
--> >
--> >I disagree that you always have the second. In particular you may not
--> >have behavior that allows you to change the protocol. For example the
--> >SMIME verifier behavior of requiring all (instead of one) signature to
--> >validate makes the change the protocol approach harder.
--> >
--> >I think this is an example of a case where you don't have the second
--> >kind of agility without changing the protocol. In particular you need
--> >clients and hcp servers to expect there to be more than one record
--> >available.
--> >
--> >     Russ> Everyone always has the second. The author already made an
--> >     Russ> argument against the first, but others seem to be supporting
--> >     Russ> the other form. I do not understand the impact on the
--> >     Russ> current deployment. Do you?
--> >
--> >so, the deployed code will have to change somewhat already. They are
--> >currently using txt records; they will need to transition to this new
--> >RR.
--> >
--> >
--> >However the update behavior if you add agility is more complicated.
-->
-->
--> _______________________________________________
--> Ietf mailing list
--> Ietf@xxxxxxxx
--> https://www1.ietf.org/mailman/listinfo/ietf