Re: [dnsext] Follow up on draft-ietf-dnsext-dnssec-registry-fixes

Samuel Weiler <weiler@watson.org> Fri, 13 January 2012 04:12 UTC

Return-Path: <weiler@watson.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 085DA21F85EE for <dnsext@ietfa.amsl.com>; Thu, 12 Jan 2012 20:12:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.949
X-Spam-Level:
X-Spam-Status: No, score=-1.949 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JYSC5zQzWScG for <dnsext@ietfa.amsl.com>; Thu, 12 Jan 2012 20:11:59 -0800 (PST)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by ietfa.amsl.com (Postfix) with ESMTP id 7C57F21F854A for <dnsext@ietf.org>; Thu, 12 Jan 2012 20:11:59 -0800 (PST)
Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.4/8.14.4) with ESMTP id q0D4BtYP073081; Thu, 12 Jan 2012 23:11:55 -0500 (EST) (envelope-from weiler@watson.org)
Received: from localhost (weiler@localhost) by fledge.watson.org (8.14.4/8.14.4/Submit) with ESMTP id q0D4Bt8d073077; Thu, 12 Jan 2012 23:11:55 -0500 (EST) (envelope-from weiler@watson.org)
X-Authentication-Warning: fledge.watson.org: weiler owned process doing -bs
Date: Thu, 12 Jan 2012 23:11:55 -0500
From: Samuel Weiler <weiler@watson.org>
To: Andrew Sullivan <ajs@anvilwalrusden.com>
In-Reply-To: <20120109222905.GW1820@crankycanuck.ca>
Message-ID: <alpine.BSF.2.00.1201122232580.86374@fledge.watson.org>
References: <20120109222905.GW1820@crankycanuck.ca>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (fledge.watson.org [127.0.0.1]); Thu, 12 Jan 2012 23:11:55 -0500 (EST)
Cc: dnsext@ietf.org
Subject: Re: [dnsext] Follow up on draft-ietf-dnsext-dnssec-registry-fixes
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Jan 2012 04:12:00 -0000

Looking just at draft-srose-dnssec-registry-update-00:

1) the propsoed replacement registry no longer mentions that algorithm 
1 has been deprecated (as currently indicated in the IANA registry). 
If that flag is to be removed, perhaps that should be called out in 
section 2.1 as a change.

2) The original IANA registry contains some trailing data re: DH 
primes.  It might be worth explaining/mentioning that.

3) Three algorithms continue to have asterisks in the transaction 
security column (here renamed to Transaction Sign), with a footnote 
(originally from RFC5702) saying "There has been no determination of 
standardization of the use of this algorithm with Transaction 
Security."  Can we say anything more re: these three algorithms' 
usefulness for SIG(0) or TSIG?  If not, we at least need to leave that 
footnote expansion in the registry.