Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makarenko-gost2012-dnssec-05> for your review
Василий Долматов <vdolmatov@gmail.com> Fri, 08 March 2024 00:35 UTC
Return-Path: <vdolmatov@gmail.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CA0DC14F6E9; Thu, 7 Mar 2024 16:35:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iF7LRv7NOO8q; Thu, 7 Mar 2024 16:35:37 -0800 (PST)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46BF0C14F6B1; Thu, 7 Mar 2024 16:35:37 -0800 (PST)
Received: by mail-lf1-x134.google.com with SMTP id 2adb3069b0e04-51381021af1so461498e87.0; Thu, 07 Mar 2024 16:35:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709858134; x=1710462934; darn=rfc-editor.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=rR/CrzW6dkLwY3a0KLWGpgQmIPByGa0kJ3M49d77G/I=; b=RMo8tglgizuwnmpmy1wVbLIbfJb2jdSXcvMi448svj6fg1lcRKAb04Ggi1rE3BPx2A cLM09qbltV4L5YUG5Z9DyHEwXLzSfpFPdlj/gUvXWK58Ka8W2imEKsTrxna9Q+THDm+d WYxx3si9jU8V6zbM1N6aaSXYhnH/azW4VDaHI+nIb/OgsnKKjEczm38KAllFzd5DWbOu 2weW8FDaHkqQJU0ua4dojzD1JBKBP+K8veif9JP2SvrgcCrd99B2akWRDsDHF3w/QGm/ AP9W4x/QkjG6pvb4n2dHuWdY6w76rhvXZLt0+q1tzP1xgY1aXFSdW6F7bHC9kENWtm+D eXCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709858134; x=1710462934; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rR/CrzW6dkLwY3a0KLWGpgQmIPByGa0kJ3M49d77G/I=; b=MJKf88mvQOdw5BosBVzmPMg4tM2EBLlQG1rsEfBQc/i77mPfoCSAGE55RCvtlVWlwe Ec4N9TTB61PMswrlUZnY25Og6eH/eaG1oEbiCB0KkjuesPlLV/W1dVmmUCHH+08YOuHp Sq/4OHqW4h5l8+GsjYk5oqGLnQJToNUJxXdSQgVsgeDoSjpvQplmuISwC5CQyD89q/KX jEZpN2GjHhgAyn72nnHLeaJ7EA0Hhf6QVkHpSCjTxJXLE4p1ZQeLUupufrFceldGlT1V 8vK1s7A/KkDcDMfFB3HWyqZNhm2yTd/zf/790W4IZ3wBBQtzgLCGG6JM9AM730yp8mCk 455Q==
X-Forwarded-Encrypted: i=1; AJvYcCU+lSNmWtUnO13GlYBc98rgToc/fN/0i07c14T//nAgkkAEJ8YR7E6qalHHVu299KrmrEAAG3oDhDneTUWORnbT35heAky+MDre2RL3pEynnAcVezYUAxviNTs69KMFiCJPfNnF
X-Gm-Message-State: AOJu0YwqpYUjVGpUeiE2SrpzjSy4JlaYfZ59e1SVsEYFswYAKeIyRlE9 9oVoTGKhFFAezL6OMK+FshRtVgc3X7s9uW0EFNVk5Aji++mvpX/E+Iqxup6S
X-Google-Smtp-Source: AGHT+IEMuzffh9tV1aHd/1g4H2JOUgX+GsoAQCDjtqOyR1jE9+lGtV/fOTTyIo5PesnbwxT26UIjig==
X-Received: by 2002:ac2:4c99:0:b0:513:177f:ef57 with SMTP id d25-20020ac24c99000000b00513177fef57mr2422142lfl.10.1709858133473; Thu, 07 Mar 2024 16:35:33 -0800 (PST)
Received: from smtpclient.apple ([37.204.66.168]) by smtp.gmail.com with ESMTPSA id v16-20020a056512349000b0051330fe6604sm2879389lfr.51.2024.03.07.16.35.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 07 Mar 2024 16:35:32 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Василий Долматов <vdolmatov@gmail.com>
In-Reply-To: <20240307222618.59E191AAE94B@rfcpa.amsl.com>
Date: Fri, 08 Mar 2024 03:35:19 +0300
Cc: bmakarenko@tcinet.ru, rfc-ise@rfc-editor.org, auth48archive@rfc-editor.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <D07A1190-184B-4453-BD90-4EBA9860EC59@gmail.com>
References: <20240307222618.59E191AAE94B@rfcpa.amsl.com>
To: rfc-editor@rfc-editor.org
X-Mailer: Apple Mail (2.3731.700.6.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/n4sAmMUs9L_2nQe6tq_Xp8AjYcE>
Subject: Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makarenko-gost2012-dnssec-05> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2024 00:35:41 -0000
Hello, I agree with all modifications proposed by RFC Editors. If Boris has deeper insight in some changes, he will let us know. Thank you for your work. dol@ > 8 марта 2024 г., в 01:26, rfc-editor@rfc-editor.org написал(а): > > Authors, > > While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file. > > 1) <!-- [rfced] Please insert any keywords (beyond those that appear in > the title) for use on https://www.rfc-editor.org/search. --> > > > 2) <!--[rfced] May we remove the expansion, as GOST has not previously been > expanded in RFCs, and our understanding is GOST is more recognizable than > "GOsudarstvennyy STandart"? > > Original: > Algorithms GOsudarstvennyy STandart(GOST) R 34.10-2012 and GOST R > 34.11-2012 are Russian national standards. > > Perhaps: > GOST R 34.10-2012 and GOST R 34.11-2012 are Russian national standards. > --> > > > 3) <!-- [rfced] Please review the "type" attribute of each sourcecode element > in the XML file to ensure correctness. If the current list of preferred > values for "type" (https://www.rfc-editor.org/materials/sourcecode-types.txt) > does not contain an applicable type, then feel free to let us > know. Also, it is acceptable to leave the "type" attribute not > set. > > In addition, review each artwork element. Specifically, > should any artwork element be tagged as sourcecode or another > element? > --> > > > 4) <!--[rfced] Section 2.1: > a) For clarity, may we remove the word "algorithm"? > b) Does 'Parameter set A" refer to the same mentioned in Section 2, > i.e., id-tc26-3410-2012-256-paramSetA parameter set defined in RFC 7836? > If so, may this text be updated as follows or otherwise? > > Original: > The OIDs in the structure above represent GOST R 34.10-2012 public > key with 256 bits private key length algorithm and Parameter set A. > > Perhaps: > The OIDs in the structure above represent a GOST R 34.10-2012 public > key with a 256-bit private key length and parameter set A. > > For comparison, we note that similar text in RFC 9215 does not include > the word "algorithm": > GOST R 34.10-2012 public keys with a 512-bit private key length are > identified by the following OID: > > > Also, would you like to add "parameter set A" in Section 2 as follows, > so that the reader knows what Section 2.1 is referring to? > > Original: > We select the parameters for the digital signature > algorithm to be id-tc26-gost-3410-2012-256-paramSetA as specified in > RFC 7836 [RFC7836]. > > Perhaps: > We select the parameters for the digital signature > algorithm to be id-tc26-gost-3410-2012-256-paramSetA as specified in > RFC 7836 [RFC7836]; this document refers to it as "parameter set A". > --> > > > 5) <!--[rfced] FYI, the placement of the line break was altered so that the > example would fit the line-length limitation without the removal of the > left-hand indentation. Please let us know if you prefer otherwise. > > Original: > Private-key-format: v1.2 > Algorithm: TBA1 (ECC-GOST12) > Gost12Asn1: MD4CAQAwFwYIKoUDBwEBAQEwCwYJKoUDBwECAQEBBCD/Mw9o6R5lQHJ13jz0 > W+C1tdsS4W7RJn04rk9MGJq3Hg== > > Current: > Private-key-format: v1.2 > Algorithm: 23 (ECC-GOST12) > Gost12Asn1: MD4CAQAwFwYIKoUDBwEBAQEwCwYJKoUDBwECAQEBBCD/Mw9o6R5lQHJ13 > jz0W+C1tdsS4W7RJn04rk9MGJq3Hg== > --> > > > 6) <!-- [rfced] RFC 5208 has been obsoleted by RFC 5958. May we replace > the informative reference RFC 5208 with RFC 5958? If so, what section > number should be used? > > Original: > The private key here is presented in PrivateKeyInfo ASN.1 structure, > as described in RFC5208 [RFC5208], Section 5. > --> > > > 7) <!--[rfced] Regarding your note below, the numbers 23 and 5 were assigned, > so it does not seem that recalculation is needed. Please review. > > Original: > [RFC Editor note: Note: Algorithm numbers 23 and 5 are used as an > example in this document, as actual numbers have not yet been > assigned. If the assigned values will differ, the example keys and > signatures will have to be recalculated before the official > publication of the RFC.] > --> > > > 8) <!--[rfced] Vasily, regarding the postal address, is it necessary > to list your organization twice, or may the second instance be removed? > Also, may we update to typical abbreviations for building (Bldg.) > and street (St.)? > > Original: > Vasily Dolmatov (editor) > JSC "NPK Kryptonite" > Spartakovskaya sq., 14, bld 2, JSC "NPK Kryptonite" > Moscow > 105082 > > Perhaps: > Vasily Dolmatov (editor) > JSC "NPK Kryptonite" > Spartakovskaya Sq., 14, Bldg. 2 > Moscow > 105082 > > Original: > 8 marta str., 1, bld 12 > > Perhaps: > 8 Marta St., 1, Bldg. 12 > --> > > > Thank you. > > RFC Editor/ar > > > On Mar 7, 2024, rfc-editor@rfc-editor.org wrote: > > *****IMPORTANT***** > > Updated 2024/03/07 > > RFC Author(s): > -------------- > > Instructions for Completing AUTH48 > > Your document has now entered AUTH48. Once it has been reviewed and > approved by you and all coauthors, it will be published as an RFC. > If an author is no longer available, there are several remedies > available as listed in the FAQ (https://www.rfc-editor.org/faq/). > > You and you coauthors are responsible for engaging other parties > (e.g., Contributors or Working Group) as necessary before providing > your approval. > > Planning your review > --------------------- > > Please review the following aspects of your document: > > * RFC Editor questions > > Please review and resolve any questions raised by the RFC Editor > that have been included in the XML file as comments marked as > follows: > > <!-- [rfced] ... --> > > These questions will also be sent in a subsequent email. > > * Changes submitted by coauthors > > Please ensure that you review any changes submitted by your > coauthors. We assume that if you do not speak up that you > agree to changes submitted by your coauthors. > > * Content > > Please review the full content of the document, as this cannot > change once the RFC is published. Please pay particular attention to: > - IANA considerations updates (if applicable) > - contact information > - references > > * Copyright notices and legends > > Please review the copyright notice and legends as defined in > RFC 5378 and the Trust Legal Provisions > (TLP – https://trustee.ietf.org/license-info/). > > * Semantic markup > > Please review the markup in the XML file to ensure that elements of > content are correctly tagged. For example, ensure that <sourcecode> > and <artwork> are set correctly. See details at > <https://authors.ietf.org/rfcxml-vocabulary>. > > * Formatted output > > Please review the PDF, HTML, and TXT files to ensure that the > formatted output, as generated from the markup in the XML file, is > reasonable. Please note that the TXT will have formatting > limitations compared to the PDF and HTML. > > > Submitting changes > ------------------ > > To submit changes, please reply to this email using ‘REPLY ALL’ as all > the parties CCed on this message need to see your changes. The parties > include: > > * your coauthors > > * rfc-editor@rfc-editor.org (the RPC team) > > * other document participants, depending on the stream (e.g., > IETF Stream participants are your working group chairs, the > responsible ADs, and the document shepherd). > > * auth48archive@rfc-editor.org, which is a new archival mailing list > to preserve AUTH48 conversations; it is not an active discussion > list: > > * More info: > https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc > > * The archive itself: > https://mailarchive.ietf.org/arch/browse/auth48archive/ > > * Note: If only absolutely necessary, you may temporarily opt out > of the archiving of messages (e.g., to discuss a sensitive matter). > If needed, please add a note at the top of the message that you > have dropped the address. When the discussion is concluded, > auth48archive@rfc-editor.org will be re-added to the CC list and > its addition will be noted at the top of the message. > > You may submit your changes in one of two ways: > > An update to the provided XML file > — OR — > An explicit list of changes in this format > > Section # (or indicate Global) > > OLD: > old text > > NEW: > new text > > You do not need to reply with both an updated XML file and an explicit > list of changes, as either form is sufficient. > > We will ask a stream manager to review and approve any changes that seem > beyond editorial in nature, e.g., addition of new text, deletion of text, > and technical changes. Information about stream managers can be found in > the FAQ. Editorial changes do not require approval from a stream manager. > > > Approving for publication > -------------------------- > > To approve your RFC for publication, please reply to this email stating > that you approve this RFC for publication. Please use ‘REPLY ALL’, > as all the parties CCed on this message need to see your approval. > > > Files > ----- > > The files are available here: > https://www.rfc-editor.org/authors/rfc9558.xml > https://www.rfc-editor.org/authors/rfc9558.html > https://www.rfc-editor.org/authors/rfc9558.pdf > https://www.rfc-editor.org/authors/rfc9558.txt > > Diff file of the text: > https://www.rfc-editor.org/authors/rfc9558-diff.html > https://www.rfc-editor.org/authors/rfc9558-rfcdiff.html (side by side) > > Diff of the XML: > https://www.rfc-editor.org/authors/rfc9558-xmldiff1.html > > > Tracking progress > ----------------- > > The details of the AUTH48 status of your document are here: > https://www.rfc-editor.org/auth48/rfc9558 > > Please let us know if you have any questions. > > Thank you for your cooperation, > > RFC Editor > > -------------------------------------- > RFC9558 (draft-makarenko-gost2012-dnssec-05) > > Title : Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC > Author(s) : B. Makarenko, V. Dolmatov, Ed.
- [auth48] AUTH48: RFC-to-be 9558 <draft-makarenko-… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Василий Долматов
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Boris Makarenko
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Василий Долматов
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Василий Долматов
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… bmakarenko
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Alice Russo
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Independent Submissions Editor (Eliot Lear)
- Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makare… Alice Russo