Re: [DNSOP] Last Call: <draft-ietf-dnsop-algorithm-update-05.txt> (Algorithm Implementation Requirements and Usage Guidance for DNSSEC) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The table in section 3.3 ("DS and CDS Algorithms") of the draft states that SHA-1 is "MUST NOT" for "DNSSEC Delegation" but in the narrative text under the table it states "SHA-1 [...] is NOT RECOMMENDED for use in generating new DS and CDS records."

The two statements should be consistent in the final RFC.


Yours,
Mats

---
Mats Dufberg
DNS Specialist, IIS
Mobile: +46 73 065 3899
https://www.iis.se/en/
 

-----Original Message-----
From: DNSOP <dnsop-bounces@xxxxxxxx> on behalf of The IESG <iesg-secretary@xxxxxxxx>
Reply-To: "ietf@xxxxxxxx" <ietf@xxxxxxxx>
Date: Wednesday, 13 February 2019 at 20:30
To: IETF-Announce <ietf-announce@xxxxxxxx>
Cc: Tim Wicinski <tjw.ietf@xxxxxxxxx>, "draft-ietf-dnsop-algorithm-update@xxxxxxxx" <draft-ietf-dnsop-algorithm-update@xxxxxxxx>, "dnsop@xxxxxxxx" <dnsop@xxxxxxxx>, "dnsop-chairs@xxxxxxxx" <dnsop-chairs@xxxxxxxx>
Subject: [DNSOP] Last Call: <draft-ietf-dnsop-algorithm-update-05.txt> (Algorithm Implementation Requirements and Usage Guidance for DNSSEC) to Proposed Standard

    
    The IESG has received a request from the Domain Name System Operations WG
    (dnsop) to consider the following document: - 'Algorithm Implementation
    Requirements and Usage Guidance for DNSSEC'
      <draft-ietf-dnsop-algorithm-update-05.txt> as Proposed Standard
    
    The IESG plans to make a decision in the next few weeks, and solicits final
    comments on this action. Please send substantive comments to the
    ietf@xxxxxxxx mailing lists by 2019-02-27. Exceptionally, comments may be
    sent to iesg@xxxxxxxx instead. In either case, please retain the beginning of
    the Subject line to allow automated sorting.
    
    Abstract
    
    
       The DNSSEC protocol makes use of various cryptographic algorithms in
       order to provide authentication of DNS data and proof of non-
       existence.  To ensure interoperability between DNS resolvers and DNS
       authoritative servers, it is necessary to specify a set of algorithm
       implementation requirements and usage guidelines to ensure that there
       is at least one algorithm that all implementations support.  This
       document defines the current algorithm implementation requirements
       and usage guidance for DNSSEC.  This document obsoletes [RFC6944].
    
    
    
    
    The file can be obtained via
    https://datatracker.ietf.org/doc/draft-ietf-dnsop-algorithm-update/
    
    IESG discussion can be tracked via
    https://datatracker.ietf.org/doc/draft-ietf-dnsop-algorithm-update/ballot/
    
    
    No IPR declarations have been submitted directly on this I-D.
    
    
    
    
    _______________________________________________
    DNSOP mailing list
    DNSOP@xxxxxxxx
    https://www.ietf.org/mailman/listinfo/dnsop
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux