[DNSOP] More private algorithms for DNSSEC

Paul Hoffman <paul.hoffman@icann.org> Sun, 20 March 2022 22:21 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: dnsop WG <dnsop@ietf.org>
Date: Sun, 20 Mar 2022 22:21:16 +0000
Message-ID: <5C105C71-B18C-4366-94F5-E8D60970109C@icann.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/-a8SdDN-INuDNO2B9J8FrvouCEE>
Subject: [DNSOP] More private algorithms for DNSSEC

Greetings again. I have created a new, very short draft to add more private use algorithms to DNSSEC.
   https://datatracker.ietf.org/doc/draft-hoffman-more-private-algs/
The abstract says:
   RFC 4034 allocates one value in the IANA registry for DNSSEC
   algorithm numbers for private algorithms.  That may be too few for
   experimentation where multiple yet-to-be-assigned algorithms are
   used.  This document assigns seven more values for this use case.

That's about it. This is quite low priority for now, but might become more important as people start to experiment with multiple pre-standard post-quantum algorithms at the same time.

--Paul Hoffman