[dnsext] new recommendations for algs? was Re: RSA algorithm padding...
Edward Lewis <Ed.Lewis@neustar.biz> Thu, 21 October 2010 12:24 UTC
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 195D33A699F; Thu, 21 Oct 2010 05:24:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Status: No, score=-101.623 tagged_above=-999 required=5 tests=[AWL=0.976, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([22.214.171.124]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gKrDTIsIgh+R; Thu, 21 Oct 2010 05:24:42 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 14B193A694A; Thu, 21 Oct 2010 05:24:42 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.72 (FreeBSD)) (envelope-from <firstname.lastname@example.org>) id 1P8u72-00019B-9x for email@example.com; Thu, 21 Oct 2010 12:19:16 +0000
Received: from stora.ogud.com ([126.96.36.199]) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72 (FreeBSD)) (envelope-from <Ed.Lewis@neustar.biz>) id 1P8u6z-00018p-LN for firstname.lastname@example.org; Thu, 21 Oct 2010 12:19:13 +0000
Received: from Work-Laptop-2.local (gatt.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.4/8.14.4) with ESMTP id o9LCJ12s016348; Thu, 21 Oct 2010 08:19:03 -0400 (EDT) (envelope-from Ed.Lewis@neustar.biz)
Received: from [10.31.200.147] by Work-Laptop-2.local (PGP Universal service); Thu, 21 Oct 2010 08:19:10 -0400
X-PGP-Universal: processed; by Work-Laptop-2.local on Thu, 21 Oct 2010 08:19:10 -0400
References: <email@example.com> <4CBF8600.firstname.lastname@example.org>
Date: Thu, 21 Oct 2010 08:11:50 -0400
To: namedroppers <email@example.com>
From: Edward Lewis <Ed.Lewis@neustar.biz>
Subject: [dnsext] new recommendations for algs? was Re: RSA algorithm padding...
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Scanned-By: MIMEDefang 2.68 on 10.20.30.4
List-Unsubscribe: To unsubscribe send a message to firstname.lastname@example.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
At 20:14 -0400 10/20/10, Olafur Gudmundsson wrote: >RFC5702 is likely to be the last change to any RSA algorithm for DNSSEC, >as ECC based algorithms are likely to become the recommended algorithms >in the not so distant future. If there's going to be a change in the recommended algorithms any time soon, the operator community will need better key management and signature maintenance tools. I'm not pointing to any implementations in particular, but there's a growing awareness that changing algorithms isn't easy with what we have. It's not the specification but the tools. So maybe this isn't something that the DNSEXT solves - but if the DNSEXT group dictates operational parameters they have to do so realizing that tools are needed if the operator community is able to keep up. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStar You can leave a voice message at +1-571-434-5468 Ever get the feeling that someday if you google for your own life story, you'll find that someone has already written it and it's on sale at Amazon?
- [dnsext] RSA algorithm padding in RFC 5702, RSASS… Hanno Böck
- Re: [dnsext] RSA algorithm padding in RFC 5702, R… Mark Andrews
- Re: [dnsext] RSA algorithm padding in RFC 5702, R… Olafur Gudmundsson
- [dnsext] new recommendations for algs? was Re: RS… Edward Lewis
- Re: [dnsext] RSA algorithm padding in RFC 5702, R… Paul Wouters