Re: Standardize RSA/SHA256 ?
Jelte Jansen <jelte@NLnetLabs.nl> Fri, 12 May 2006 09:02 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FeTXn-0005mq-Cd for dnsext-archive@lists.ietf.org; Fri, 12 May 2006 05:02:43 -0400
Received: from psg.com ([147.28.0.62]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FeTXm-0006cC-1I for dnsext-archive@lists.ietf.org; Fri, 12 May 2006 05:02:43 -0400
Received: from majordom by psg.com with local (Exim 4.60 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1FeTT0-000APo-8R for namedroppers-data@psg.com; Fri, 12 May 2006 08:57:46 +0000
X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on psg.com
X-Spam-Level:
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.1
Received: from [213.154.224.1] (helo=open.nlnetlabs.nl) by psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.60 (FreeBSD)) (envelope-from <jelte@NLnetLabs.nl>) id 1FeTSz-000APD-4s for namedroppers@ops.ietf.org; Fri, 12 May 2006 08:57:45 +0000
Received: from [213.154.224.45] (fable.nlnetlabs.nl [213.154.224.45]) by open.nlnetlabs.nl (8.13.4/8.13.4) with ESMTP id k4C8vgsg082446 for <namedroppers@ops.ietf.org>; Fri, 12 May 2006 10:57:42 +0200 (CEST) (envelope-from jelte@NLnetLabs.nl)
Message-ID: <44644DBB.3080605@NLnetLabs.nl>
Date: Fri, 12 May 2006 10:56:27 +0200
From: Jelte Jansen <jelte@NLnetLabs.nl>
User-Agent: Mail/News 1.5 (X11/20060309)
MIME-Version: 1.0
To: namedroppers@ops.ietf.org
Subject: Re: Standardize RSA/SHA256 ?
References: <6.2.5.6.2.20060508094001.03182b80@ogud.com> <Pine.LNX.4.44.0605091629550.31070-100000@citation2.av8.net> <87vesecle7.fsf@latte.josefsson.org>
In-Reply-To: <87vesecle7.fsf@latte.josefsson.org>
X-Enigmail-Version: 0.94.0.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="------------enigCA08124CCCBB5B07A498CA45"
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352
> >> For the above reasons, I think that we have time to consider the >> correct course of action. There is no need to rush into more >> algorithms which require more code on nameservers and resolvers. > > Yes, or at least, we need to document a more compelling reason to do > RSA-SHA-265. > So why is this an issue for RSA/SHA256, and not for draft-ietf-dnsext-ds-sha256-05.txt, which also makes SHA256 mandatory? btw, both drafts don't deprecate SHA-1 but do assume that SHA256 is stronger and contain text about downgrade attacks based on this assumption. Jelte
- Standardize RSA/SHA256 ? Ólafur Guðmundsson /DNSEXT co-chair
- Re: Standardize RSA/SHA256 ? Simon Josefsson
- Re: Standardize RSA/SHA256 ? Jelte Jansen
- Re: Standardize RSA/SHA256 ? Ben Laurie
- Re: Standardize RSA/SHA256 ? Ólafur Guðmundsson /DNSEXT co-chair
- Re: Standardize RSA/SHA256 ? Ólafur Guðmundsson /DNSEXT co-chair
- RE: Standardize RSA/SHA256 ? Hallam-Baker, Phillip
- Re: Standardize RSA/SHA256 ? Wes Hardaker
- Re: Standardize RSA/SHA256 ? Russ Mundy
- Re: Standardize RSA/SHA256 ? Hilarie Orman