IETF Logo Mail Archive

Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makarenko-gost2012-dnssec-05> for your review

Василий Долматов <vdolmatov@gmail.com> Fri, 08 March 2024 00:35 UTC

Return-Path: <vdolmatov@gmail.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CA0DC14F6E9; Thu, 7 Mar 2024 16:35:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iF7LRv7NOO8q; Thu, 7 Mar 2024 16:35:37 -0800 (PST)
Received: from mail-lf1-x134.google.com (mail-lf1-x134.google.com [IPv6:2a00:1450:4864:20::134]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46BF0C14F6B1; Thu, 7 Mar 2024 16:35:37 -0800 (PST)
Received: by mail-lf1-x134.google.com with SMTP id 2adb3069b0e04-51381021af1so461498e87.0; Thu, 07 Mar 2024 16:35:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709858134; x=1710462934; darn=rfc-editor.org; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=rR/CrzW6dkLwY3a0KLWGpgQmIPByGa0kJ3M49d77G/I=; b=RMo8tglgizuwnmpmy1wVbLIbfJb2jdSXcvMi448svj6fg1lcRKAb04Ggi1rE3BPx2A cLM09qbltV4L5YUG5Z9DyHEwXLzSfpFPdlj/gUvXWK58Ka8W2imEKsTrxna9Q+THDm+d WYxx3si9jU8V6zbM1N6aaSXYhnH/azW4VDaHI+nIb/OgsnKKjEczm38KAllFzd5DWbOu 2weW8FDaHkqQJU0ua4dojzD1JBKBP+K8veif9JP2SvrgcCrd99B2akWRDsDHF3w/QGm/ AP9W4x/QkjG6pvb4n2dHuWdY6w76rhvXZLt0+q1tzP1xgY1aXFSdW6F7bHC9kENWtm+D eXCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709858134; x=1710462934; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rR/CrzW6dkLwY3a0KLWGpgQmIPByGa0kJ3M49d77G/I=; b=MJKf88mvQOdw5BosBVzmPMg4tM2EBLlQG1rsEfBQc/i77mPfoCSAGE55RCvtlVWlwe Ec4N9TTB61PMswrlUZnY25Og6eH/eaG1oEbiCB0KkjuesPlLV/W1dVmmUCHH+08YOuHp Sq/4OHqW4h5l8+GsjYk5oqGLnQJToNUJxXdSQgVsgeDoSjpvQplmuISwC5CQyD89q/KX jEZpN2GjHhgAyn72nnHLeaJ7EA0Hhf6QVkHpSCjTxJXLE4p1ZQeLUupufrFceldGlT1V 8vK1s7A/KkDcDMfFB3HWyqZNhm2yTd/zf/790W4IZ3wBBQtzgLCGG6JM9AM730yp8mCk 455Q==
X-Forwarded-Encrypted: i=1; AJvYcCU+lSNmWtUnO13GlYBc98rgToc/fN/0i07c14T//nAgkkAEJ8YR7E6qalHHVu299KrmrEAAG3oDhDneTUWORnbT35heAky+MDre2RL3pEynnAcVezYUAxviNTs69KMFiCJPfNnF
X-Gm-Message-State: AOJu0YwqpYUjVGpUeiE2SrpzjSy4JlaYfZ59e1SVsEYFswYAKeIyRlE9 9oVoTGKhFFAezL6OMK+FshRtVgc3X7s9uW0EFNVk5Aji++mvpX/E+Iqxup6S
X-Google-Smtp-Source: AGHT+IEMuzffh9tV1aHd/1g4H2JOUgX+GsoAQCDjtqOyR1jE9+lGtV/fOTTyIo5PesnbwxT26UIjig==
X-Received: by 2002:ac2:4c99:0:b0:513:177f:ef57 with SMTP id d25-20020ac24c99000000b00513177fef57mr2422142lfl.10.1709858133473; Thu, 07 Mar 2024 16:35:33 -0800 (PST)
Received: from smtpclient.apple ([37.204.66.168]) by smtp.gmail.com with ESMTPSA id v16-20020a056512349000b0051330fe6604sm2879389lfr.51.2024.03.07.16.35.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 07 Mar 2024 16:35:32 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Василий Долматов <vdolmatov@gmail.com>
In-Reply-To: <20240307222618.59E191AAE94B@rfcpa.amsl.com>
Date: Fri, 08 Mar 2024 03:35:19 +0300
Cc: bmakarenko@tcinet.ru, rfc-ise@rfc-editor.org, auth48archive@rfc-editor.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <D07A1190-184B-4453-BD90-4EBA9860EC59@gmail.com>
References: <20240307222618.59E191AAE94B@rfcpa.amsl.com>
To: rfc-editor@rfc-editor.org
X-Mailer: Apple Mail (2.3731.700.6.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/n4sAmMUs9L_2nQe6tq_Xp8AjYcE>
Subject: Re: [auth48] AUTH48: RFC-to-be 9558 <draft-makarenko-gost2012-dnssec-05> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2024 00:35:41 -0000

Hello,

I agree with all modifications proposed by RFC Editors. 

If Boris has deeper insight in some changes, he will let us know.

Thank you for your work.

dol@

> 8 марта 2024 г., в 01:26, rfc-editor@rfc-editor.org написал(а):
> 
> Authors,
> 
> While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file.
> 
> 1) <!-- [rfced] Please insert any keywords (beyond those that appear in
> the title) for use on https://www.rfc-editor.org/search. -->
> 
> 
> 2) <!--[rfced] May we remove the expansion, as GOST has not previously been 
> expanded in RFCs, and our understanding is GOST is more recognizable than 
> "GOsudarstvennyy STandart"?
> 
> Original:
>   Algorithms GOsudarstvennyy STandart(GOST) R 34.10-2012 and GOST R
>   34.11-2012 are Russian national standards.
> 
> Perhaps:
>   GOST R 34.10-2012 and GOST R 34.11-2012 are Russian national standards.  
> -->
> 
> 
> 3) <!-- [rfced] Please review the "type" attribute of each sourcecode element
> in the XML file to ensure correctness. If the current list of preferred
> values for "type" (https://www.rfc-editor.org/materials/sourcecode-types.txt) 
> does not contain an applicable type, then feel free to let us
> know. Also, it is acceptable to leave the "type" attribute not
> set.  
> 
> In addition, review each artwork element. Specifically,
> should any artwork element be tagged as sourcecode or another
> element?
> -->
> 
> 
> 4) <!--[rfced] Section 2.1: 
> a) For clarity, may we remove the word "algorithm"?
> b) Does 'Parameter set A" refer to the same mentioned in Section 2,
> i.e., id-tc26-3410-2012-256-paramSetA parameter set defined in RFC 7836? 
> If so, may this text be updated as follows or otherwise?
> 
> Original:
>   The OIDs in the structure above represent GOST R 34.10-2012 public
>   key with 256 bits private key length algorithm and Parameter set A.
> 
> Perhaps:
>   The OIDs in the structure above represent a GOST R 34.10-2012 public
>   key with a 256-bit private key length and parameter set A.
> 
> For comparison, we note that similar text in RFC 9215 does not include 
> the word "algorithm":
>   GOST R 34.10-2012 public keys with a 512-bit private key length are
>   identified by the following OID:
> 
> 
> Also, would you like to add "parameter set A" in Section 2 as follows,
> so that the reader knows what Section 2.1 is referring to?
> 
> Original:
>   We select the parameters for the digital signature
>   algorithm to be id-tc26-gost-3410-2012-256-paramSetA as specified in
>   RFC 7836 [RFC7836].
> 
> Perhaps:
>   We select the parameters for the digital signature
>   algorithm to be id-tc26-gost-3410-2012-256-paramSetA as specified in
>   RFC 7836 [RFC7836]; this document refers to it as "parameter set A".
> -->
> 
> 
> 5) <!--[rfced] FYI, the placement of the line break was altered so that the 
> example would fit the line-length limitation without the removal of the 
> left-hand indentation. Please let us know if you prefer otherwise.
> 
> Original:
> Private-key-format: v1.2
> Algorithm: TBA1 (ECC-GOST12)
> Gost12Asn1: MD4CAQAwFwYIKoUDBwEBAQEwCwYJKoUDBwECAQEBBCD/Mw9o6R5lQHJ13jz0
>            W+C1tdsS4W7RJn04rk9MGJq3Hg==
> 
> Current:
>   Private-key-format: v1.2
>   Algorithm: 23 (ECC-GOST12)
>   Gost12Asn1: MD4CAQAwFwYIKoUDBwEBAQEwCwYJKoUDBwECAQEBBCD/Mw9o6R5lQHJ13
>               jz0W+C1tdsS4W7RJn04rk9MGJq3Hg==
> -->
> 
> 
> 6) <!-- [rfced] RFC 5208 has been obsoleted by RFC 5958.  May we replace 
> the informative reference RFC 5208 with RFC 5958? If so, what section
> number should be used?
> 
> Original:
>   The private key here is presented in PrivateKeyInfo ASN.1 structure,
>   as described in RFC5208 [RFC5208], Section 5.
> -->
> 
> 
> 7) <!--[rfced] Regarding your note below, the numbers 23 and 5 were assigned, 
> so it does not seem that recalculation is needed. Please review.
> 
> Original:
>   [RFC Editor note: Note: Algorithm numbers 23 and 5 are used as an
>   example in this document, as actual numbers have not yet been
>   assigned.  If the assigned values will differ, the example keys and
>   signatures will have to be recalculated before the official
>   publication of the RFC.]
> -->
> 
> 
> 8) <!--[rfced] Vasily, regarding the postal address, is it necessary
> to list your organization twice, or may the second instance be removed?
> Also, may we update to typical abbreviations for building (Bldg.) 
> and street (St.)?
> 
> Original:
>   Vasily Dolmatov (editor)
>   JSC "NPK Kryptonite"
>   Spartakovskaya sq., 14, bld 2, JSC "NPK Kryptonite"
>   Moscow
>   105082
> 
> Perhaps:
>   Vasily Dolmatov (editor)
>   JSC "NPK Kryptonite"
>   Spartakovskaya Sq., 14, Bldg. 2
>   Moscow
>   105082
> 
> Original:
>   8 marta str., 1, bld 12
> 
> Perhaps:
>   8 Marta St., 1, Bldg. 12
> -->
> 
> 
> Thank you.
> 
> RFC Editor/ar
> 
> 
> On Mar 7, 2024, rfc-editor@rfc-editor.org wrote:
> 
> *****IMPORTANT*****
> 
> Updated 2024/03/07
> 
> RFC Author(s):
> --------------
> 
> Instructions for Completing AUTH48
> 
> Your document has now entered AUTH48.  Once it has been reviewed and 
> approved by you and all coauthors, it will be published as an RFC.  
> If an author is no longer available, there are several remedies 
> available as listed in the FAQ (https://www.rfc-editor.org/faq/).
> 
> You and you coauthors are responsible for engaging other parties 
> (e.g., Contributors or Working Group) as necessary before providing 
> your approval.
> 
> Planning your review 
> ---------------------
> 
> Please review the following aspects of your document:
> 
> *  RFC Editor questions
> 
>  Please review and resolve any questions raised by the RFC Editor 
>  that have been included in the XML file as comments marked as 
>  follows:
> 
>  <!-- [rfced] ... -->
> 
>  These questions will also be sent in a subsequent email.
> 
> *  Changes submitted by coauthors 
> 
>  Please ensure that you review any changes submitted by your 
>  coauthors.  We assume that if you do not speak up that you 
>  agree to changes submitted by your coauthors.
> 
> *  Content 
> 
>  Please review the full content of the document, as this cannot 
>  change once the RFC is published.  Please pay particular attention to:
>  - IANA considerations updates (if applicable)
>  - contact information
>  - references
> 
> *  Copyright notices and legends
> 
>  Please review the copyright notice and legends as defined in
>  RFC 5378 and the Trust Legal Provisions 
>  (TLP – https://trustee.ietf.org/license-info/).
> 
> *  Semantic markup
> 
>  Please review the markup in the XML file to ensure that elements of  
>  content are correctly tagged.  For example, ensure that <sourcecode> 
>  and <artwork> are set correctly.  See details at 
>  <https://authors.ietf.org/rfcxml-vocabulary>.
> 
> *  Formatted output
> 
>  Please review the PDF, HTML, and TXT files to ensure that the 
>  formatted output, as generated from the markup in the XML file, is 
>  reasonable.  Please note that the TXT will have formatting 
>  limitations compared to the PDF and HTML.
> 
> 
> Submitting changes
> ------------------
> 
> To submit changes, please reply to this email using ‘REPLY ALL’ as all 
> the parties CCed on this message need to see your changes. The parties 
> include:
> 
>  *  your coauthors
> 
>  *  rfc-editor@rfc-editor.org (the RPC team)
> 
>  *  other document participants, depending on the stream (e.g., 
>     IETF Stream participants are your working group chairs, the 
>     responsible ADs, and the document shepherd).
> 
>  *  auth48archive@rfc-editor.org, which is a new archival mailing list 
>     to preserve AUTH48 conversations; it is not an active discussion 
>     list:
> 
>    *  More info:
>       https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc
> 
>    *  The archive itself:
>       https://mailarchive.ietf.org/arch/browse/auth48archive/
> 
>    *  Note: If only absolutely necessary, you may temporarily opt out 
>       of the archiving of messages (e.g., to discuss a sensitive matter).
>       If needed, please add a note at the top of the message that you 
>       have dropped the address. When the discussion is concluded, 
>       auth48archive@rfc-editor.org will be re-added to the CC list and 
>       its addition will be noted at the top of the message. 
> 
> You may submit your changes in one of two ways:
> 
> An update to the provided XML file
> — OR —
> An explicit list of changes in this format
> 
> Section # (or indicate Global)
> 
> OLD:
> old text
> 
> NEW:
> new text
> 
> You do not need to reply with both an updated XML file and an explicit 
> list of changes, as either form is sufficient.
> 
> We will ask a stream manager to review and approve any changes that seem
> beyond editorial in nature, e.g., addition of new text, deletion of text, 
> and technical changes.  Information about stream managers can be found in 
> the FAQ.  Editorial changes do not require approval from a stream manager.
> 
> 
> Approving for publication
> --------------------------
> 
> To approve your RFC for publication, please reply to this email stating
> that you approve this RFC for publication.  Please use ‘REPLY ALL’,
> as all the parties CCed on this message need to see your approval.
> 
> 
> Files 
> -----
> 
> The files are available here:
>  https://www.rfc-editor.org/authors/rfc9558.xml
>  https://www.rfc-editor.org/authors/rfc9558.html
>  https://www.rfc-editor.org/authors/rfc9558.pdf
>  https://www.rfc-editor.org/authors/rfc9558.txt
> 
> Diff file of the text:
>  https://www.rfc-editor.org/authors/rfc9558-diff.html
>  https://www.rfc-editor.org/authors/rfc9558-rfcdiff.html (side by side)
> 
> Diff of the XML: 
>  https://www.rfc-editor.org/authors/rfc9558-xmldiff1.html
> 
> 
> Tracking progress
> -----------------
> 
> The details of the AUTH48 status of your document are here:
>  https://www.rfc-editor.org/auth48/rfc9558
> 
> Please let us know if you have any questions.  
> 
> Thank you for your cooperation,
> 
> RFC Editor
> 
> --------------------------------------
> RFC9558 (draft-makarenko-gost2012-dnssec-05)
> 
> Title            : Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
> Author(s)        : B. Makarenko, V. Dolmatov, Ed.

v2.23.0 | Report a Bug | By Email