Re: [DNSOP] [Ext] Call for Adoption: draft-belyavskiy-rfc5933-bis

Töma Gavrichenkov <ximaera@gmail.com> Tue, 07 July 2020 11:37 UTC

From: Töma Gavrichenkov <ximaera@gmail.com>
Date: Tue, 07 Jul 2020 14:37:07 +0300
Message-ID: <CALZ3u+b4W5XUv6wT6kUO39fzTJbAB39YZmm+yiu3Gmp=Vf=Adw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/HEvTjAWflIMeMoclLIX8flI2DsM>

Peace,

On Tue, Jul 7, 2020, 5:17 AM Paul Hoffman <paul.hoffman@icann.org> wrote:

> On Jul 6, 2020, at 6:07 PM, Tim Wicinski <tjw.ietf@gmail.com> wrote:
> > To not adopt this means, the implementers could easily pick their own
>
> This seems unlikely. If they step on unallocated code points, few
> implementers will go along with that because implementers generally respect
> the IETF and IANA more than they respect a country's crypto regime.
>

That's only correct when said implementers have a choice.  With no
allocated points going to be available in the future, a hijack would be the
only viable option.

Also, we have stepped on that rake before.  You don't need a lot of
implementers going nuts to destroy interoperability.  You only need *one*
who would be successful in what s/he is doing.

Let's face it, there's not gonna be hundreds of DNSSEC GOST implementations
anyway, I think maybe 3 or 4 would finally be born, and one of those would
likely win the competition and become a standard de-facto.  See, without
the code point allocation it's a pure gamble on whether we'll get interop
issues in the future or not.

--
Töma
