[dnsext] [Technical Errata Reported] RFC6944 (4932)

RFC Errata System <rfc-editor@rfc-editor.org> Sun, 12 February 2017 13:47 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 325B7129618 for <dnsext@ietfa.amsl.com>; Sun, 12 Feb 2017 05:47:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.203
X-Spam-Level:
X-Spam-Status: No, score=-4.203 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5kUKOZm2Yygq for <dnsext@ietfa.amsl.com>; Sun, 12 Feb 2017 05:47:03 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 22A0F1295F4 for <dnsext@ietf.org>; Sun, 12 Feb 2017 05:47:03 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 00224B80258; Sun, 12 Feb 2017 05:47:02 -0800 (PST)
To: scottr.nist@gmail.com, suresh.krishnan@ericsson.com, terry.manderson@icann.org, ogud@ogud.com, ajs@anvilwalrusden.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20170212134703.00224B80258@rfc-editor.org>
Date: Sun, 12 Feb 2017 05:47:02 -0800 (PST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsext/_1I_MfE06q5Oifn3JGlyW9bx7kI>
X-Mailman-Approved-At: Mon, 20 Feb 2017 10:14:04 -0800
Cc: text/plain@rfc-editor.org, rfc-editor@rfc-editor.orgContent-Type, dnsext@ietf.org, charset=UTF-8@rfc-editor.org
Subject: [dnsext] [Technical Errata Reported] RFC6944 (4932)
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Feb 2017 13:47:04 -0000

The following errata report has been submitted for RFC6944,
"Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=6944&eid=4932

--------------------------------------
Type: Technical
Reported by: Petr Spacek <petr.spacek@nic.cz>

Section: 3

Original Text
-------------
   This document lists the implementation status of cryptographic
   algorithms used with DNSSEC.  These algorithms are maintained in an
   IANA registry at http://www.iana.org/assignments/dns-sec-alg-numbers.
   Because this document establishes the implementation status of every
   algorithm, it has been listed as a reference for the registry itself.

Corrected Text
--------------
   This document lists the implementation status of cryptographic
   algorithms used with DNSSEC.  These algorithms are maintained in an
   IANA registry at http://www.iana.org/assignments/dns-sec-alg-numbers.
   Because this document establishes the implementation status of every
   algorithm, it has been listed as a reference for the registry itself.

   Given significance of status change of RSAMD5 algorithm, a reference
   to this RFC should be added to the registry.

Notes
-----
"RSAMD5 has an implementation status of Must Not Implement because of known weaknesses in MD5."

This is very important. An additional reference would lower likelihood that DNS Implementors will overlook the important piece of information.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC6944 (draft-ietf-dnsext-dnssec-algo-imp-status-04)
--------------------------------------
Title               : Applicability Statement: DNS Security (DNSSEC) DNSKEY Algorithm Implementation Status
Publication Date    : April 2013
Author(s)           : S. Rose
Category            : PROPOSED STANDARD
Source              : DNS Extensions
Area                : Internet
Stream              : IETF
Verifying Party     : IESG