I agree with Steve and others saying that MAY is appropriate for this. S. Stephen Kent wrote: > I recommend that the document not be approved by the IESG in its current > form. Section 6.1 states: > >> 6.1. Support for GOST signatures >> >> DNSSEC aware implementations SHOULD be able to support RRSIG and >> DNSKEY resource records created with the GOST algorithms as >> defined in this document. > > There has been considerable discussion on the security area directorate > list about this aspect of the document. All of the SECDIR members who > participated in the discussion argued that the text in 6.1 needs to be > changed to MAY from SHOULD. The general principle cited in the > discussion has been that "national" crypto algorithms like GOST ought > not be cited as MUST or SHOULD in standards like DNESEC. I refer > interested individuals to the SECDIR archive for details of the discussion. > > (http://www.ietf.org/mail-archive/web/secdir/current/maillist.html) > > Steve > _______________________________________________ > Ietf mailing list > Ietf@xxxxxxxx > https://www.ietf.org/mailman/listinfo/ietf > _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf