Re: [DNSOP] ECDSA woes
Mikael Abrahamsson <swmike@swm.pp.se> Sun, 16 October 2016 08:16 UTC
Return-Path: <swmike@swm.pp.se>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92DF21295DA for <dnsop@ietfa.amsl.com>; Sun, 16 Oct 2016 01:16:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.432
X-Spam-Level:
X-Spam-Status: No, score=-2.432 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.431, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=swm.pp.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oeVx8a14KZMm for <dnsop@ietfa.amsl.com>; Sun, 16 Oct 2016 01:16:21 -0700 (PDT)
Received: from uplift.swm.pp.se (ipv6.swm.pp.se [IPv6:2a00:801::f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F9251295D1 for <dnsop@ietf.org>; Sun, 16 Oct 2016 01:16:21 -0700 (PDT)
Received: by uplift.swm.pp.se (Postfix, from userid 501) id 866FEA2; Sun, 16 Oct 2016 10:16:19 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=swm.pp.se; s=mail; t=1476605779; bh=59mzDPzKUdBI2t52wynWAIULw248ldS98XgOLJLWWQg=; h=Date:From:To:cc:Subject:In-Reply-To:References:From; b=B48VTA0hFCKjX1soZyQITauD5xMK36TFdlA2EOox4U+itj60hgoTnS9JzvSACc2QT sOOEUafC5MhESMYFKFXse7szjGJzluNuYzJRrr36x6CyDVe/twEjS85KTjzw2CFyMi 9OOjbm7GeVHMEjdfLnr86tzEVhhWV0FBgUcZ+B34=
Received: from localhost (localhost [127.0.0.1]) by uplift.swm.pp.se (Postfix) with ESMTP id 746CCA1; Sun, 16 Oct 2016 10:16:19 +0200 (CEST)
Date: Sun, 16 Oct 2016 10:16:19 +0200
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Ólafur Guðmundsson <olafur@cloudflare.com>
In-Reply-To: <CAN6NTqz1Qk57KWFUio0jY36gkMi+HNmMvH4+PpSF-nhux+UXWg@mail.gmail.com>
Message-ID: <alpine.DEB.2.02.1610161014330.12036@uplift.swm.pp.se>
References: <alpine.DEB.2.02.1610150806380.26951@uplift.swm.pp.se> <c1e14584-a444-37ef-1e4c-d1077ba4f384@bellis.me.uk> <alpine.DEB.2.02.1610151717420.12036@uplift.swm.pp.se> <0A83A7D9-E7E8-4494-86F9-F19AE96967D7@fl1ger.de> <alpine.DEB.2.02.1610151751210.12036@uplift.swm.pp.se> <11BD031F-EDBF-4DF6-A167-0240581EBD0F@apnic.net> <CAN6NTqz1Qk57KWFUio0jY36gkMi+HNmMvH4+PpSF-nhux+UXWg@mail.gmail.com>
User-Agent: Alpine 2.02 (DEB 1266 2009-07-14)
Organization: People's Front Against WWW
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="-137064504-1437314212-1476605779=:12036"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/3JZV21rS7hUnH0pU3xhUZy6DeN0>
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] ECDSA woes
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Oct 2016 08:16:22 -0000
On Sat, 15 Oct 2016, Ólafur Guðmundsson wrote: > I have domains signed by all combinations of signing algorithms and DS > digests as well as Nsec variants > Ds-n.alg-m-nsec.dnssec-test.org > > Replace n with 1..4 > M with 1..14 > Nsec is one of Nsec nsec3 none I'd be veryinterested if you could create an algorithm called "99" (or something), and we could test that. Anyone not loading the "99" resource is violating the "SHOULD", even if they understand ECDSA. This would investigate ratio of problems when we want to introduce a new algorithm in the future. -- Mikael Abrahamsson email: swmike@swm.pp.se
- [DNSOP] ECDSA woes Mikael Abrahamsson
- Re: [DNSOP] ECDSA woes Ray Bellis
- Re: [DNSOP] ECDSA woes Roy Arends
- Re: [DNSOP] ECDSA woes Mikael Abrahamsson
- Re: [DNSOP] ECDSA woes Ralf Weber
- Re: [DNSOP] ECDSA woes Mikael Abrahamsson
- Re: [DNSOP] ECDSA woes Marek Vavruša
- Re: [DNSOP] ECDSA woes Geoff Huston
- Re: [DNSOP] ECDSA woes Ólafur Guðmundsson
- Re: [DNSOP] ECDSA woes Mikael Abrahamsson
- Re: [DNSOP] ECDSA woes Mikael Abrahamsson
- Re: [DNSOP] ECDSA woes Ólafur Guðmundsson
- Re: [DNSOP] ECDSA woes Mark Andrews
- Re: [DNSOP] ECDSA woes Mark Andrews
- Re: [DNSOP] ECDSA woes Jan Včelák
- Re: [DNSOP] ECDSA woes Dan York
- Re: [DNSOP] ECDSA woes Mark Andrews