Re: [DNSOP] Call for Adoption draft-wouters-sury-dnsop-algorithm-update

Roy Arends <roy@dnss.ec> Tue, 28 February 2017 21:19 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LSQ3QSMqA0OGJYAQ0fwQVsbjwJk>

I have reviewed the draft.

Since the last update of this draft, a full collision has been found. 

Do the authors intend to update the draft to state that SHA1 SHOULD NOT be used for DNSSEC signing (DNSKEY algorithm 5, 6, 7) and for DNSSEC Delegation (DS and CDS algorithm 1)?

Please also refrain from using MUST-, SHOULD+ and SHOULD-.

Roy



> On 5 Jan 2017, at 21:28, Tim Wicinski <tjw.ietf@gmail.com> wrote:
> 
> All
> 
> Since we're having so much fun on adopting work, let's have another one.  We discussed this work in Seoul, and there was a solid hum on adopting this work.
> 
> This starts a Call for Adoption for:
> draft-wouters-sury-dnsop-algorithm-update
> 
> The draft is available here:
> https://datatracker.ietf.org/doc/draft-wouters-sury-dnsop-algorithm-update/
> 
> Please review this draft to see if you think it is suitable for adoption by DNSOP, and send comments to the list, clearly stating your view.
> 
> Please also indicate if you are willing to contribute text, review, etc.
> 
> This call for adoption ends: 19 January 2017
> 
> Thanks,
> tim wicinski
> DNSOP co-chair