Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-curdle-dnskey-eddsa-02.txt
Paul Wouters <paul@nohats.ca> Tue, 15 November 2016 08:00 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CFE6B129676 for <dnsop@ietfa.amsl.com>; Tue, 15 Nov 2016 00:00:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.495
X-Spam-Level:
X-Spam-Status: No, score=-3.495 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UlkC2XdPt6bv for <dnsop@ietfa.amsl.com>; Tue, 15 Nov 2016 00:00:53 -0800 (PST)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18F71129631 for <dnsop@ietf.org>; Tue, 15 Nov 2016 00:00:53 -0800 (PST)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3tJ0FF6bjjz3FN for <dnsop@ietf.org>; Tue, 15 Nov 2016 09:00:49 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1479196849; bh=1ToqvLdWq4qPON+cuqtol4kB2iK4V5Aze6Rvq+K/Kro=; h=From:Date:Subject:References:In-Reply-To:To; b=i5RKvqNgoBu/LSOYcgS8RA87NSwYtbll9DtGxXqpNmUX/QcmvbS8iQf3XW58iFiN3 T82ddSOgqxpVveU1H+Po9+JWNct/ufVUv3kKdC+h67gegOn+yjsZysa5yUi6uc7DJr MqNbQIwtbrkAq8jpZTjaiSKgt8SbeDxgx93L8hOw=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 7kKJ7bxfwS4D for <dnsop@ietf.org>; Tue, 15 Nov 2016 09:00:44 +0100 (CET)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <dnsop@ietf.org>; Tue, 15 Nov 2016 09:00:43 +0100 (CET)
Received: from [31.133.136.30] (unknown [31.133.136.30]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id 0708712EAE1 for <dnsop@ietf.org>; Tue, 15 Nov 2016 03:00:42 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.10.3 bofh.nohats.ca 0708712EAE1
From: Paul Wouters <paul@nohats.ca>
Content-Type: multipart/alternative; boundary="Apple-Mail-AB774D9D-B805-4AC3-8A0F-86D60FC6718D"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
Date: Tue, 15 Nov 2016 17:00:39 +0900
Message-Id: <AEB805EE-7F2F-4363-B096-CA954B232119@nohats.ca>
References: <147916501531.919.1356911194907095952.idtracker@ietfa.amsl.com> <1045632662.533.1479165738709.JavaMail.zimbra@nic.cz> <20161115075321.GL26244@mournblade.imrryr.org>
In-Reply-To: <20161115075321.GL26244@mournblade.imrryr.org>
To: dnsop@ietf.org
X-Mailer: iPhone Mail (14A456)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/VaoUn-ToNt34tHYNW6bv4CxPixQ>
Subject: Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-curdle-dnskey-eddsa-02.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Nov 2016 08:00:55 -0000
https://tools.ietf.org/html/draft-wouters-sury-dnsop-algorithm-update-02 Paul Sent from my iPhone > On Nov 15, 2016, at 16:53, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote: > >> On Tue, Nov 15, 2016 at 12:22:18AM +0100, Ondřej Surý wrote: >> >> a new version of EDDSA for DNSSEC has been posted >> that resolves most if not all comments received >> during WGLC in curdle. This is one last chance >> to review the document, so don't miss it! :) > > My only comment is that I very much hope that the code-point > assignments for the new curves are accompanied by a deprecation of > at least as many obsolete algorithms that should no longer be used. > > Specifically, I'd like to see deprecation of algorithms: > > * 3 (DSA/SHA1) > * 5, (RSA/SHA-1, same as 7 but without possibility of NSEC3) > * 6 (DSA-NSEC3-SHA1, same as 3 with perhaps NSEC3, but both need to go) > * 12 (GOST R 34.10-2001) > except as required to meet any local regulations). > > If, while adding two new algorithms, we in parallel deprecate four > old ones, then we're making progress. > > -- > Viktor. > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop
- [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-curd… Ondřej Surý
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Viktor Dukhovni
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Jim Reid
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Paul Wouters
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Dick Franks
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Ondřej Surý
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Dick Franks
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Daniel Migault
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Ondřej Surý
- Re: [DNSOP] Fwd: [Curdle] I-D Action: draft-ietf-… Daniel Migault