Re: [DNSOP] Benjamin Kaduk's No Objection on draft-ietf-dnsop-algorithm-update-07: (with COMMENT)

Warren Kumari <warren@kumari.net> Thu, 11 April 2019 16:21 UTC

From: Warren Kumari <warren@kumari.net>
Date: Thu, 11 Apr 2019 12:20:21 -0400
Message-ID: <CAHw9_iJ4J9GTV3DbGjuYA5KdT5TZi1tfMQRr+x3XWEv0qH_c+w@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: DNSOP-Chairs Chairs <dnsop-chairs@ietf.org>, IETF DNSOP WG <dnsop@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, draft-ietf-dnsop-algorithm-update@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/C3s_6DadrJ2Zm2h8QEeP4dLTFuE>
Subject: Re: [DNSOP] Benjamin Kaduk's No Objection on draft-ietf-dnsop-algorithm-update-07: (with COMMENT)

[ - IESG (for clutter), Bob & Tim (through DNSOP / Chairs respectively) ]


On Tue, Apr 9, 2019 at 7:55 AM Paul Wouters <paul@nohats.ca> wrote:

> On Fri, 5 Apr 2019, Bob Harold wrote:
>
> [ SNIP ]
>
> >       In a similar vein, if we stay at PS, a lot of the references seem like
> >       they would need to move from Informative to Normative, since to
> >       implement the various MUST-level algorithms you have to follow those
> >       references.
>
> I would not say those references are normative in that sense. You don't
> HAVE to read how GOST is specified to not implement it.
>
>
Perhaps, but there are still lots of Informative references which
implementers would need to read. For example:

RFC5702, RFC6605:
8 RSA/SHA-256 RSASHA256 Y * [RFC5702]
10 RSA/SHA-512 RSASHA512 Y * [RFC5702]
13 ECDSA Curve P-256 with SHA-256 ECDSAP256SHA256 Y * [RFC6605]

RFC4509:
2 SHA-256 MANDATORY [RFC4509]

It is a simple matter to make these Normative....


-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf