Re: [DNSOP] [Ext] Call for Adoption: draft-hardaker-dnsop-rfc8624-bis, must-not-sha1, must-not-ecc-gost
Paul Wouters <paul@nohats.ca> Tue, 30 April 2024 14:22 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D55EDC14F699 for <dnsop@ietfa.amsl.com>; Tue, 30 Apr 2024 07:22:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.431
X-Spam-Level:
X-Spam-Status: No, score=-6.431 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N8VnUsfFMMo2 for <dnsop@ietfa.amsl.com>; Tue, 30 Apr 2024 07:22:41 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCD65C14F5ED for <dnsop@ietf.org>; Tue, 30 Apr 2024 07:22:41 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4VTMq33fQDz9yn; Tue, 30 Apr 2024 16:22:39 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1714486959; bh=7CGjLXvP5vYv0ccABE5o7vBk8JeALTbm6iwBxUzPlCE=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=IWzBglwbZ6oaMObOLsMAwBWuTHpV8e7v1AshNSO0ELdO2kPE62HnJHqA4hiQJJtbQ HhfVcOftKg5jsEX/QcvP5W3gBc09gEqx9We8GickZvmrhCkvMaazatoHuB5EZzVN5C Lo/qZFhOCh/4AK+S+UG7rQVkw4hcXp6gE+ukkJ+Y=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 5syELy_x1RSX; Tue, 30 Apr 2024 16:22:38 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 30 Apr 2024 16:22:38 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 97A5811DE4B6; Tue, 30 Apr 2024 10:22:37 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 947E111DE4B5; Tue, 30 Apr 2024 10:22:37 -0400 (EDT)
Date: Tue, 30 Apr 2024 10:22:37 -0400
From: Paul Wouters <paul@nohats.ca>
To: Mark Andrews <marka@isc.org>
cc: "dnsop@ietf.org WG" <dnsop@ietf.org>
In-Reply-To: <76D423CC-F174-4B89-A186-499E78448C2D@isc.org>
Message-ID: <b4597e7a-8b5c-7302-250e-bba718b82a81@nohats.ca>
References: <D95A2D1F-1203-4434-B643-DDFB5C24A161@icann.org> <67B93EF4-6B70-402E-9D78-1A079538CA18@strandkip.nl> <m1s1Wur-0000LDC@stereo.hq.phicoh.net> <f0f9c0ce-2911-9b4c-0d60-47c204add2d4@nohats.ca> <76D423CC-F174-4B89-A186-499E78448C2D@isc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Q19DRHYG1y3DdCOnzmGWArtwth8>
Subject: Re: [DNSOP] [Ext] Call for Adoption: draft-hardaker-dnsop-rfc8624-bis, must-not-sha1, must-not-ecc-gost
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Apr 2024 14:22:46 -0000
On Tue, 30 Apr 2024, Mark Andrews wrote: > They DO NOT disable SHA1. They disable RSASHA1. The distinction is > important. NSEC3 works fine on them. There were issues with NSEC3's use of SHA1 as well. I am failing to find the reports on this now unfortunately. Paul
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- [DNSOP] Call for Adoption: draft-hardaker-dnsop-r… Tim Wicinski
- Re: [DNSOP] Call for Adoption: draft-hardaker-dns… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Joe Abley
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Wes Hardaker
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Joe Abley
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Mark Andrews
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Wes Hardaker
- Re: [DNSOP] Questions before adopting must-not-sh… Paul Wouters
- Re: [DNSOP] Questions before adopting must-not-sh… jabley
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… S Moonesamy
- [DNSOP] Questions before adopting must-not-sha1 Paul Hoffman
- Re: [DNSOP] Questions before adopting must-not-sh… Philip Homburg
- Re: [DNSOP] Questions before adopting must-not-sh… John Levine
- Re: [DNSOP] Questions before adopting must-not-sh… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] Call for Adoption: draft-hardaker-dns… Wes Hardaker
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Mark Andrews
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Peter Thomassen
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… John R Levine
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Scott Morizot
- [DNSOP]Re: [Ext] Re: Questions before adopting mu… Kim Davies
- Re: [DNSOP] Questions before adopting must-not-sh… Peter Thomassen
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Peter Thomassen
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Peter Thomassen
- [DNSOP] Re: Call for Adoption: draft-hardaker-dns… Tim Wicinski
- [DNSOP] Re: Questions before adopting must-not-sh… Petr Menšík
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Mark Andrews
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Peter Thomassen
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… John Levine
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… John R Levine
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Scott Morizot
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Scott Morizot
- Re: [DNSOP] Call for Adoption: draft-hardaker-dns… Mark Andrews
- [DNSOP] Re: Questions before adopting must-not-sh… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Joe Abley
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Scott Morizot
- [DNSOP] Re: [Ext] Call for Adoption: draft-hardak… Petr Menšík
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Peter Thomassen
- [DNSOP] Re: Questions before adopting must-not-sh… Steve Crocker
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- [DNSOP] Re: Questions before adopting must-not-sh… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- [DNSOP] Re: Questions before adopting must-not-sh… Steve Crocker
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… John R Levine
- [DNSOP] Re: Questions before adopting must-not-sh… Peter Thomassen
- [DNSOP] Re: Questions before adopting must-not-sh… Petr Menšík
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Wouters
- [DNSOP] Re: Questions before adopting must-not-sh… Philip Homburg
- [DNSOP] Re: Questions before adopting must-not-sh… Petr Menšík
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Paul Hoffman
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Philip Homburg
- [DNSOP] Re: Questions before adopting must-not-sh… Paul Wouters
- Re: [DNSOP] [Ext] Call for Adoption: draft-hardak… Mark Andrews
- [DNSOP] Re: Questions before adopting must-not-sh… Petr Menšík