Re: [dnsext] WGLC on draft-ietf-dnsext-dnssec-algo-signal-05

Miek and Ed,

I'm all in favor of longer term of supporting smooth transitions in the future.  We're paying a huge price with IPv6 for not having done so with addresses, and we are and will continue to have similar problems in other areas.  That said, two comments:

1. I think it's worth moving the present document forward so we can measure the uptake of new algorithms in DNSSEC.  I think the need for algorithm transition is coming sooner than many expect.

2. The specific suggestion of referencing RFCs instead of IANA registry tables is intriguing.  I can see advantages, but I can also see possible problems.  I think the proposed scheme needs a bit of discussion and a design note before moving this forward.

Thanks,

Steve

On Mar 29, 2012, at 9:43 AM, Miek Gieben wrote:

> [ Quoting <Ed.Lewis@neustar.biz> in "Re: [dnsext] WGLC on draft-ietf-dns..." ]
>> These comments aren't meant to stop the current document processing
>> bureaucracy from proceeding but offered as food for thought.  It it
>> foreseeable that in 10-15 years we will have lots of things change in
>> the DNS.  We know that we lack any version management capability (the
>> RFC that defined SHA256 for DS hashes mentions this).  Although it
>> will be an eon before we have one, we have to start somewhere.  And
>> maybe the current document, such as it is, is the first step.  But in
>> talking to people here this week, we could expand the idea.
> 
> I, for one, like this. Another IANA registry is one step too far I guess, but
> re-using RFC numbers like this seems like an elegant solution.
> 
> Regards,
> Miek Gieben
> _______________________________________________
> dnsext mailing list
> dnsext@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsext