Re: [DNSOP] Algorithm implementation recommendations in 8624
Mats Dufberg <mats.dufberg@internetstiftelsen.se> Wed, 17 June 2020 06:30 UTC
Return-Path: <mats.dufberg@internetstiftelsen.se>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0F123A0F16 for <dnsop@ietfa.amsl.com>; Tue, 16 Jun 2020 23:30:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=internetstiftelsen.se header.b=cSvOpW+L; dkim=pass (1024-bit key) header.d=internetstiftelsenisverige.onmicrosoft.com header.b=Z6QlQyY+
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7jmNrHnHkhmU for <dnsop@ietfa.amsl.com>; Tue, 16 Jun 2020 23:30:18 -0700 (PDT)
Received: from relay2.iis.se (relay2.iis.se [IPv6:2001:67c:124c:2007::38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 475F53A0F15 for <dnsop@ietf.org>; Tue, 16 Jun 2020 23:30:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=internetstiftelsen.se; s=iis2015; h=mime-version:content-type:in-reply-to:references:message-id:date:subject:to: from:from; bh=tw+d8pJefKn30ZgsS5dTCDKCGIQxPPpAEAGKERmw5Sc=; b=cSvOpW+LfMOHTQi+aKc8nhxiRElsXehoIzVSo/treaBeocIt92XnfYxtoyrUvJhFt83iXKDraCDqd g4z7GpZbyYl7YWDDC5ijWTx792N0sGu3UI0nJpLsyM4iJFoWvplMqjRzrhPmaqUwFU8MV4u7mBbd0L AG1q9g3hVMveVBLo=
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:7e0a::204]) by relay2.iis.se (Halon) with ESMTPS id 00b22845-b064-11ea-b91b-00505682e997; Wed, 17 Jun 2020 06:30:14 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Qh8SY169pUIdvANSgJqvwPyB9P9jID+/oH3KZ6Bif/GzZD2g0goNGDhLY6iG7t8eAKYTJJr0BDwMzv2o6qGbMFKw8bX+pPhHDIsCp6t1MQlq0lb/bNCr9ovTjMfO29Coq9NF6+TNPLzayzFBZvtd/+wfriMku5J4lZzdp/n4dOWz1lc7NAMcJIVy73QbHlovXg6g72ZDruaZ+daqDHewuJGmHIdriMeho6clOSMM+XrGKBh3/0bv3jIeHFN4sXsOirbltxslmfbEZ56zS8ynrBVUMbX7YH7gp5/loZut/5MwEexayateM+eEzoZMRYEgWGIIpLWVFQIRLovDkfa0DQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tw+d8pJefKn30ZgsS5dTCDKCGIQxPPpAEAGKERmw5Sc=; b=joI761As/0VNPb/jqgmdKmAPwHgCKMZ0iZ/eGNKnEQ9eqZvNdP/Q25WzlJh03aLL8bScUq61xzW7bCkWSoaOD2yyeTP7cNh1ELBI8h2wVVSbAKvGoCJ0aEf4fMiJxvoQZCy6QvrVtvTuLhYo6RNjV6pSQJtW+Ux2qrApNOb0rLC7d6QED73iCzbbhJBMLLY815xIIhoUK3BNxaLzsR6F55E4gCoOiQ7gptBQk0/XoqfCE4nPkiF5CyTXJToLJXWLMUOXDzRGbAr+5rslAtiB0iFKFWFkrAol7rhrqF52d7lyA1LuFdgmNZelD16SlUKxmKnyLSL5pn8SzGjrdhdK1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internetstiftelsen.se; dmarc=pass action=none header.from=internetstiftelsen.se; dkim=pass header.d=internetstiftelsen.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=internetstiftelsenisverige.onmicrosoft.com; s=selector1-internetstiftelsenisverige-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tw+d8pJefKn30ZgsS5dTCDKCGIQxPPpAEAGKERmw5Sc=; b=Z6QlQyY+XfUgOslq4BhqFPJkT+RGET/Ri9GhBUE4h7821RR7XRB5Cu8yP06vGuMqMJS1LbjAWUdsbZWiTcwS+9blH2JCylVUhL3TGpo82EDHzBzuujvDkhB2djH8XyYeLuE4ARMwKWGs4yf9D4HNug836WDre1AoxkkM9spHTeQ=
Received: from HE1P193MB0010.EURP193.PROD.OUTLOOK.COM (2603:10a6:3:104::22) by HE1P193MB0204.EURP193.PROD.OUTLOOK.COM (2603:10a6:3:102::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3088.25; Wed, 17 Jun 2020 06:30:13 +0000
Received: from HE1P193MB0010.EURP193.PROD.OUTLOOK.COM ([fe80::ecdd:b2fc:8374:637e]) by HE1P193MB0010.EURP193.PROD.OUTLOOK.COM ([fe80::ecdd:b2fc:8374:637e%8]) with mapi id 15.20.3088.028; Wed, 17 Jun 2020 06:30:13 +0000
From: Mats Dufberg <mats.dufberg@internetstiftelsen.se>
To: dnsop <dnsop@ietf.org>
Thread-Topic: [DNSOP] Algorithm implementation recommendations in 8624
Thread-Index: AQHWRC6L7nTPlsC4KkKJF+gLP7P9TajcWSUA
Date: Wed, 17 Jun 2020 06:30:12 +0000
Message-ID: <E81152F1-E0C5-4AA4-A7FE-052DA79A323B@internetstiftelsen.se>
References: <CADyWQ+FPJ-82s9bYtOX5rdZe82P1Gp4jdPt3dopyJxY068irXA@mail.gmail.com>
In-Reply-To: <CADyWQ+FPJ-82s9bYtOX5rdZe82P1Gp4jdPt3dopyJxY068irXA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.104.14)
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=internetstiftelsen.se;
x-originating-ip: [213.108.25.22]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ab99718e-44c1-4383-0b2e-08d81287e427
x-ms-traffictypediagnostic: HE1P193MB0204:
x-microsoft-antispam-prvs: <HE1P193MB0204BC59AF69740BF3893C2A949A0@HE1P193MB0204.EURP193.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 04371797A5
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Gx4/eavQlqWGWWUj7FFMwPsmB/vKVqKQt/820L9HWv0bzvHi74CJMeIfADMCcgacjCPC5NS5biDkhPNLxW5fKLMRR4bssqW/yIw/8XbnzwLhueiaK18pJrwP1kGFCYl55Tp1+4xpoK4gZwgkP4Z6m8SZ3IlT6bCj1XweoNdU1xmp7jFvwpdtChZbeZrjvJt3Yx7iVB9cQIHjWFBigrtQG42RQIKN7kX+KJt1/cMGJL4GubIQJNN6mwotQHLtFtGn06nrCXFN30sK0H0P4y668jhHz3e/1AMab/WmNTEHKkjuMmOqZRXPK52n6DTl1rS6NuIYztYunQ/ZFoHYghNs6CstOReCu6fiCikG4SxBfwiRHvCWtyj8X27y60MfjqhC7slZi0p5LKPjh5xH8bx1fQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1P193MB0010.EURP193.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(136003)(396003)(39840400004)(346002)(366004)(376002)(6486002)(26005)(44832011)(8676002)(316002)(2616005)(36756003)(66946007)(66556008)(86362001)(71200400001)(66446008)(76116006)(8936002)(64756008)(2906002)(66476007)(508600001)(6916009)(966005)(6512007)(5660300002)(4744005)(33656002)(6506007)(166002)(53546011)(66574015)(186003)(83380400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: Ivk1OHLefDiURY8nfVNOFpNktC0VsqlIdxKPPOyIGi5tHGEH1abdjpoQb5etKbxAxJH/zz3qg8l2w+NbNA8iSNX6/SKbrQ4e0Sbzi1VF6GQvG63I2Hsdtlu9I00EaA8yn1fn0LWvPoRqgsdFX6yPHsRIr8z1BDW8ALiThGb/Po+H5JP8RxcBy19FEwkuwHm6ZwTBWaPi/NXwzkGoLd/n+OiNBxNMeXjy0d5sbLHKpKZpwfOJ7EsqJscaiVppcE3JVLaLWq3eZw7W7ljnPBh0kXvcrSucypI+siVCu3N6CKmFbPYIgq7tRBl626kqY4DZkvp+P+6cnpx6Cd0/ztXklya/N8bfaC4/QGnTHDrbC0NUp1eeC5KP+yKUMSKTh6rA/FD9QT3+OyBZvLJRIw/dnXPG9WvypBZU/FZP8VXzGuT8NSj8TQQHhwm3Qn2cIHlyLSzMfur063cEMSfeZJISeCfht5COGhT+CjkwA/Q7PMA+6vLv/hdY7nAnPclHraKb
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_E81152F1E0C54AA4A7FE052DA79A323Binternetstiftelsense_"
MIME-Version: 1.0
X-OriginatorOrg: internetstiftelsen.se
X-MS-Exchange-CrossTenant-Network-Message-Id: ab99718e-44c1-4383-0b2e-08d81287e427
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jun 2020 06:30:12.9734 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c2aa68f8-18f3-48ae-81ba-02301d121d9a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nD14v49iCZmysKKG14sQR+W2Omvf+zXKu+7FCDYmjHNNCF03cHZbgV4H3v0V6YJQo9NWi4TOOrGXXi765ui5kFWJXkcoUqPM4cHUARUidDSWNR3zYj209EVH/tlJ1wTs
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P193MB0204
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/9YI-fJJwXn5CMaoo6ktusYVS8jQ>
Subject: Re: [DNSOP] Algorithm implementation recommendations in 8624
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jun 2020 06:30:21 -0000
On 17 Jun 2020, at 00:35, Tim Wicinski <tjw.ietf@gmail.com<mailto:tjw.ietf@gmail.com>> wrote: All The more time I spend referring to the implementation recommendation table in 8624 https://www.rfc-editor.org/rfc/rfc8624.html#page-5 The more time I wonder if there is a way to extend https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml to add signing/validation recommendations. This seems "hard" from the world of IANA, but I'm not an expert. Any opinions or suggestions? What strikes me is that IANA has no reference to RFC 8624 and that IANA still seems to consider SHA-1 and GOST to be algorithms to be used. Mats --- Mats Dufberg mats.dufberg@internetstiftelsen.se<mailto:mats.dufberg@internetstiftelsen.se> Technical Expert Internetstiftelsen (The Swedish Internet Foundation) Mobile: +46 73 065 3899 https://internetstiftelsen.se/
- [DNSOP] Algorithm implementation recommendations … Tim Wicinski
- Re: [DNSOP] Algorithm implementation recommendati… Mats Dufberg
- Re: [DNSOP] Algorithm implementation recommendati… Vladimír Čunát
- Re: [DNSOP] Algorithm implementation recommendati… Paul Wouters