Re: [DNSOP] Call for Adoption: draft-belyavskiy-rfc5933-bis

Василий Долматов <vdolmatov@gmail.com> Tue, 16 June 2020 19:11 UTC

From: Василий Долматов <vdolmatov@gmail.com>
In-Reply-To: <7FF83D52-F20B-4FF2-82AA-416835FCA5F4@isc.org>
Date: Tue, 16 Jun 2020 22:11:15 +0300
Cc: Tim WIcinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>, dnsop-chairs <dnsop-chairs@ietf.org>
To: Ondřej Surý <ondrej@isc.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Et0SxRkRGF4em3uM8sNl_BRL5yI>

Hello Ondrej,

> On 16 June 2020, at 10:52, Ondřej Surý <ondrej@isc.org> wrote:
> 
> 
> 
> I consider the previous GOST standardization for DNSSEC to be a fiasco.
I do not think that _standardization_ was a fiasco.
The implementation - definitely was one.

That has an explanation: when RFC5933 was published, it was soon announced that
these algorithms would be superseded by new ones.
So, all implementors preferred not to realize the algorithms which would be defunct in three years
(as was stated; in reality this intermediate period was prolonged and was more than five years).

Now, the situation is stable and the implementors are waiting for the standard to refer to.
> 
> I would also ask the WG to require an implementation report before we send
> this to WGLC.
I agree that WGLC will require a working reference implementation. And we will go for that.
> The support for GOST family of algorithms varies between
> the various crypto libraries.
That problem was also noted some time ago, and for TLS and IPSEC implementations with
GOST algorithms there is now an independent test service provided, which allows testing implementations
by different vendors for compatibility with current standards (a list of the RFCs checked is provided there).

When the DNSSEC implementation goes forward, it will be added to this independent testbed
to give vendors and developers the possibility to check compatibility with the standards.
> 

dol@