[DNSOP] Re: Questions before adopting must-not-sha1

Philip Homburg <pch-dnsop-6@u-1.phicoh.com> Wed, 13 November 2024 16:55 UTC

To: dnsop@ietf.org
From: Philip Homburg <pch-dnsop-6@u-1.phicoh.com>
CC: Steve Crocker <steve@shinkuro.com>
Date: Wed, 13 Nov 2024 17:55:30 +0100
In-reply-to: Your message of "Wed, 13 Nov 2024 19:10:48 +0300 ." <CABf5zvLLqfPDJk9dbVP-Qsg2T06Kr3BvfqJ3obf+R44SqZwRNA@mail.gmail.com>
Subject: [DNSOP] Re: Questions before adopting must-not-sha1
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Ux5gD-KrlXhxcvTtwhWwvWtEVL0>

>    See our I-D on lifecycle.  It addresses this issue squarely.

The problem is that RedHat went ahead and disabled support for SHA1
(in the default configuration). That results in systems that
violate the current DNSSEC standards. It seems some people would like to
change the standards in such a way that RedHat is no longer violating them.

Regarding draft-crocker-dnsop-dnssec-algorithm-lifecycle I have two
questions:
1) Do we expect to delay draft-ietf-dnsop-must-not-sha1 until after
   the lifecycle has been accepted and published?
2) The intended status of the lifecycle draft is informational. Do we
   expect that the draft will have a big effect on the current discussion?
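The message above turns on what a validating resolver does once SHA-1 is disabled. The following is an added illustration, not code from the message, the DNSOP drafts, or any RedHat component: it models the RFC 4035 section 5.2 rule that a delegation whose DS RRset contains no algorithm the validator supports is treated as insecure (unsigned), not bogus, and contrasts that with a DS set the validator can use but cannot verify. The DS records, key tags and the signature-check stub are constructed for the example; "SHA-1 disabled" is assumed here to mean both the RSASHA1 signing algorithms (5 and 7) and the SHA-1 DS digest type (1) are unavailable, which is an assumption about the policy, not a statement about RedHat's exact configuration.

```python
"""Classify a DNSSEC delegation under a validator policy that may exclude SHA-1.

Added example (not from the mailing-list message). Algorithm and digest
numbers are the IANA registry values; everything else is constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Set, Tuple

# DNSSEC signing algorithm numbers (IANA DNS Security Algorithm Numbers).
RSASHA1 = 5
RSASHA1_NSEC3_SHA1 = 7
RSASHA256 = 8
ECDSAP256SHA256 = 13

# DS digest type numbers (IANA Delegation Signer Digest Algorithms).
DIGEST_SHA1 = 1
DIGEST_SHA256 = 2

SHA1_SIGNING_ALGORITHMS = {RSASHA1, RSASHA1_NSEC3_SHA1}


@dataclass(frozen=True)
class DS:
    """One DS record from the parent zone, reduced to the fields that matter here."""
    key_tag: int
    algorithm: int
    digest_type: int


@dataclass(frozen=True)
class ValidatorPolicy:
    """What the resolver is able (and allowed) to verify."""
    algorithms: frozenset
    digest_types: frozenset


def policy(sha1_disabled: bool) -> ValidatorPolicy:
    """Assumed validator capability set; with sha1_disabled the SHA-1 pieces are removed."""
    algs: Set[int] = {RSASHA1, RSASHA1_NSEC3_SHA1, RSASHA256, ECDSAP256SHA256}
    digests: Set[int] = {DIGEST_SHA1, DIGEST_SHA256}
    if sha1_disabled:
        algs -= SHA1_SIGNING_ALGORITHMS
        digests.discard(DIGEST_SHA1)
    return ValidatorPolicy(frozenset(algs), frozenset(digests))


def make_verifier(good_keys: Set[Tuple[int, int]]) -> Callable[[DS], bool]:
    """Stub for the real work (hash the DNSKEY, compare to the DS, verify RRSIGs).

    A DS 'verifies' if its (key_tag, algorithm) pair is in the constructed set.
    """
    return lambda ds: (ds.key_tag, ds.algorithm) in good_keys


def classify_delegation(ds_rrset: Iterable[DS], pol: ValidatorPolicy,
                        verifies: Callable[[DS], bool]) -> str:
    """Return 'secure', 'insecure' or 'bogus' for one delegation.

    RFC 4035 section 5.2: a DS is usable only if the validator supports both its
    signing algorithm and its digest type. No usable DS at all means there is no
    supported authentication path, so the child is treated as unsigned
    ('insecure'). A usable DS that cannot be verified is a validation failure
    ('bogus'); a usable DS that verifies makes the delegation 'secure'.
    """
    usable = [ds for ds in ds_rrset
              if ds.algorithm in pol.algorithms and ds.digest_type in pol.digest_types]
    if not usable:
        return "insecure"
    if any(verifies(ds) for ds in usable):
        return "secure"
    return "bogus"


def delegations_losing_validation(zones: Dict[str, List[DS]]) -> List[str]:
    """Defender's check: zones that validate with SHA-1 enabled but silently
    drop to 'insecure' once it is disabled, i.e. their whole DS set is SHA-1 based."""
    at_risk = []
    for name, ds_rrset in zones.items():
        before = [ds for ds in ds_rrset if ds.algorithm in policy(False).algorithms]
        after = [ds for ds in ds_rrset
                 if ds.algorithm in policy(True).algorithms
                 and ds.digest_type in policy(True).digest_types]
        if before and not after:
            at_risk.append(name)
    return sorted(at_risk)


# Constructed sample delegations (names and key tags are made up).
SAMPLE_ZONES: Dict[str, List[DS]] = {
    "sha1only.example.": [DS(12345, RSASHA1, DIGEST_SHA1)],
    "dual.example.": [DS(12345, RSASHA1, DIGEST_SHA1),
                      DS(54321, ECDSAP256SHA256, DIGEST_SHA256)],
    "modern.example.": [DS(54321, ECDSAP256SHA256, DIGEST_SHA256)],
}
# Constructed "truth": which (key_tag, algorithm) pairs actually verify.
SAMPLE_VERIFIER = make_verifier({(12345, RSASHA1), (54321, ECDSAP256SHA256)})

if __name__ == "__main__":
    for name, ds_set in SAMPLE_ZONES.items():
        print(name, "sha1 on:", classify_delegation(ds_set, policy(False), SAMPLE_VERIFIER),
              "sha1 off:", classify_delegation(ds_set, policy(True), SAMPLE_VERIFIER))
    print("lose validation when SHA-1 is disabled:", delegations_losing_validation(SAMPLE_ZONES))
```

The operationally important detail is the middle branch: a SHA-1-only zone does not fail on a resolver that has dropped SHA-1, it is answered as if it were unsigned, so the loss of protection is silent from the client's point of view. The `delegations_losing_validation` helper is the kind of inventory check an operator would run over their own delegations before such a policy change lands.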