Re: [dnsext] CORRECTED Protocol Action: 'Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status' to Proposed Standard (draft-ietf-dnsext-dnssec-algo-imp-status-04.txt)
Lynne Bartholomew <lbartholomew@amsl.com> Thu, 14 March 2013 18:01 UTC
Return-Path: <lbartholomew@amsl.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6881F21F8800; Thu, 14 Mar 2013 11:01:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g9UWDBs0wf04; Thu, 14 Mar 2013 11:01:19 -0700 (PDT)
Received: from mail.amsl.com (mail.amsl.com [64.170.98.20]) by ietfa.amsl.com (Postfix) with ESMTP id AB32011E80F2; Thu, 14 Mar 2013 11:01:19 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id 9E00D124937; Thu, 14 Mar 2013 11:01:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c8a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IYfDLpC8-9q9; Thu, 14 Mar 2013 11:01:19 -0700 (PDT)
Received: from [192.168.1.3] (c-71-202-76-213.hsd1.ca.comcast.net [71.202.76.213]) by c8a.amsl.com (Postfix) with ESMTPSA id 271B91246C5; Thu, 14 Mar 2013 11:01:19 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset="us-ascii"
From: Lynne Bartholomew <lbartholomew@amsl.com>
In-Reply-To: <20130314145854.23217.22454.idtracker@ietfa.amsl.com>
Date: Thu, 14 Mar 2013 11:01:18 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <CF8A0F81-D225-4040-A856-31597A001F49@amsl.com>
References: <20130314145854.23217.22454.idtracker@ietfa.amsl.com>
To: The IESG <iesg-secretary@ietf.org>, Andrew Sullivan <ajs@crankycanuck.ca>, Ralph Droms <rdroms.ietf@gmail.com>, Brian Haberman <brian@innovationslab.net>
X-Mailer: Apple Mail (2.1085)
X-Mailman-Approved-At: Thu, 14 Mar 2013 12:18:39 -0700
Cc: dnsext chair <dnsext-chairs@tools.ietf.org>, dnsext mailing list <dnsext@ietf.org>, IETF-Announce <ietf-announce@ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Re: [dnsext] CORRECTED Protocol Action: 'Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status' to Proposed Standard (draft-ietf-dnsext-dnssec-algo-imp-status-04.txt)
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 18:01:20 -0000
Dear IESG, Andrew, Ralph, and Brian, We have updated our database record for this document. It is now listed as Proposed Standard. Thank you. RFC Editor/lb > From: Brian Haberman <brian@innovationslab.net> > Date: March 14, 2013 7:20:24 AM PDT > To: Ralph Droms <rdroms.ietf@gmail.com> > Cc: Andrew Sullivan <ajs@crankycanuck.ca>, The IESG <iesg-secretary@ietf.org>, dnsext-chairs@tools.ietf.org, rfc-editor@rfc-editor.org, dnsext-ads@tools.ietf.org > Subject: Re: [dnsext] Protocol Action: 'Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status' to Best Current Practice (draft-ietf-dnsext-dnssec-algo-imp-status-04.txt) > > Ugh. So, the header boilerplate indicates Standards Track, which is good. I suspect that the announcement text was not updated after that change (and that led to the mis-worded announcement). > > Since this was a BCP->PS change, I think we can ask the secretariat to withdraw the announcement and the shepherding AD can re-generate the text and re-send the announcement. > > Brian > > On 3/14/13 9:45 AM, Ralph Droms wrote: >> Good catch. I think it should be standards track, but Ted and Brian are technically in charge now. >> >> - Ralph >> >> On Mar 14, 2013, at 9:42 AM 3/14/13, Andrew Sullivan <ajs@crankycanuck.ca> wrote: >> >>> Oh, heck. One of the things Pete insisted on in his DISCUSS was that >>> this not be published as BCP but on the standards track, because it's >>> an applicability statement. >>> >>> I missed the BCP part of this announcement yesterday. >>> >>> Is this a Bad Thing? Is there something to be done about it? The >>> Draft currently says the Intended status is standards track. >>> >>> A On Mar 14, 2013, at 7:58 AM, The IESG wrote: > The IESG has approved the following document: > - 'Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm > Implementation Status' > (draft-ietf-dnsext-dnssec-algo-imp-status-04.txt) as Proposed Standard > > This document is the product of the DNS Extensions Working Group. > > The IESG contact person is Ralph Droms. > > A URL of this Internet Draft is: > http://datatracker.ietf.org/doc/draft-ietf-dnsext-dnssec-algo-imp-status/ > > > > > Technical Summary > > The DNS Security Extensions (DNSSEC) requires the use of > cryptographic algorithm suites for generating digital signatures > over DNS data. There is currently an IANA registry for these > algorithms that it lacks the recommended implementation status of > each algorithm. This document provides an applicability statement > on algorithm implementation status for DNSSEC component software. > This document lists each algorithm's status based on the current > reference. In the case that an algorithm is specified without an > implementation status, this document assigns one. The document > updates RFCs 2536, 2539, 3110, 4034, 4398, 5155, 5702, and 5933. > > Working Group Summary > > The intended effect of this draft was originally captured in > draft-ietf-dnsext-dnssec-registry-fixes-08, which made a novel and > controversial use of the IANA registry. That approach was too > controversial, and so the WG split the document into two parts. > This draft is one of them. > > The present approach was far less controversial than the previous > one, and nobody has raised any objection to the current text. > > Document Quality > > The draft does not specify a protocol of any kind, but it does > make a recommendation in favour of some algorithms that are so far > not widely deployed. > > The discussion of dnssec-registry-fixes led to the approach > instantiated in this draft. > > Personnel > > Andrew Sullivan is the Document Shepherd, and Ralph Droms is the > Responsible Area Director. > > > RFC Editor Note > > Please make the following two changes: > > In section 2.2: > > OLD: > > 2.2. Algorithm Implementation Status Assignment Rationale > > The status of RSASHA1-NSEC3-SHA1 is set to Recommended to Implement > as many deployments use NSEC3. The status of RSA/SHA-256 and RSA/ > > NEW: > > 2.2. Algorithm Implementation Status Assignment Rationale > > RSASHA1 has an implementation status of Must Implement, consistent > with [RFC4034]. RSAMD5 has an implementation status of Must Not > Implement because of known weaknesses in MD5. > > The status of RSASHA1-NSEC3-SHA1 is set to Recommended to Implement > as many deployments use NSEC3. The status of RSA/SHA-256 and RSA/ > > END > > In the IANA considerations: > > OLD: > > Because this document establishes the implementation status of every > algorithm, it should be listed as a reference for the entire > registry. > > NEW: > > Because this document establishes the implementation > status of every algorithm, it should be listed as a reference for > the registry itself (leaving in place the individual entries for the > algorithms referring to the documents that specify them). > > END > >