Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update

Loganaden Velvindron <loganaden@gmail.com> Tue, 02 October 2018 13:41 UTC

Return-Path: <loganaden@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D52E124D68 for <dnsop@ietfa.amsl.com>; Tue, 2 Oct 2018 06:41:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hg0AW5XkzDdU for <dnsop@ietfa.amsl.com>; Tue, 2 Oct 2018 06:41:09 -0700 (PDT)
Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD1D712426A for <dnsop@ietf.org>; Tue, 2 Oct 2018 06:41:08 -0700 (PDT)
Received: by mail-io1-xd2f.google.com with SMTP id l25-v6so2104701ioj.0 for <dnsop@ietf.org>; Tue, 02 Oct 2018 06:41:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=EBfGKWg9KKnyi7oItp6r9A0oHnwV5j+bFeA+ZVDk8aU=; b=W2vf7YTjCuOaG05r41HfpCMC1vVyjkjsD3tKQg4+RsxqYvv//5v6WiErCbqmyERNPG 3y1IFI3nIK6BHS6L7ZKyPDZbIZQ9/AK3XPhM6XijiJQ8XHJRYUdirejPwXJFgSLQWOwW nrWzUIgFhqTe27Ip1a5sL5ztc44GaFgD7i/tXLVSqImXBmEwavihy0yCqSsmiS1YKWnB sYvBVTNKva+cZqedoib08xdWtOgw3+deZPLNhDBaY6e90X+3Bi3kKXPAq/k5wMezhaKq FjvmRzXUb00vrl8ux5etrEAxsYhAahOIgJ8owg/4DFmPU0sArRjo+eUCebFsT4gIuOBZ K1oA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=EBfGKWg9KKnyi7oItp6r9A0oHnwV5j+bFeA+ZVDk8aU=; b=cZlyuapiTl3nfSOKFOjv30SVtQUa6eOTHq5L+59Zy2aIVckJ5dE895Ub8kd4iP/j0h D7V8gp4Az/+3xhoDioJW7SpOezhnWVNp3steukclNJHmckLaMlva08Ttp9clzzJZGE7h MC4Wm+9Ksu6I2Ufsb1iWRcJEJboYrYU8/Xq14al8T9DUbzpDFdkDhfOgus5/z/zMVOit kV2DrYsBzOpE/Jlw2asFSOMzzEPuroRa5q4dT7utHUsRy06L6qcH/T6N2IViTi7m9nkR kaomNtGIt6CgvA/23/FZER59coNTI+X6FJRFSdLQoZ6lwF8tCxfwHE+ioKqts1jpy2yF H83g==
X-Gm-Message-State: ABuFfojM6knuN/CRxj06/pXzWVUf0iEHbnYjLG8kc4V7Lgs+SuaFma+i K5idnkBd0QGOO6qd3fTND+hG53YL15CSap9JgFU=
X-Google-Smtp-Source: ACcGV63W/Cj/n/0Ci+tiEFOfzCltNfuo1Wqy9vm/WRD1Ghkl7rXgz6cDd/kIk9xzPUErN0Hs6BhU2YO7balc13IedjQ=
X-Received: by 2002:a6b:c586:: with SMTP id v128-v6mr4221870iof.7.1538487668186; Tue, 02 Oct 2018 06:41:08 -0700 (PDT)
MIME-Version: 1.0
References: <CADyWQ+GqybVhe6c-L_LyFB4wQPxOhOfMy_uwv46nSc2Y5-7FEQ@mail.gmail.com>
In-Reply-To: <CADyWQ+GqybVhe6c-L_LyFB4wQPxOhOfMy_uwv46nSc2Y5-7FEQ@mail.gmail.com>
From: Loganaden Velvindron <loganaden@gmail.com>
Date: Tue, 2 Oct 2018 17:40:56 +0400
Message-ID: <CAOp4FwQOEBKzdJfjUo8WcpA-Jecp26APXbuQC8fBTM+GoOLwsw@mail.gmail.com>
To: Tim Wicinski <tjw.ietf@gmail.com>
Cc: dnsop@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/WxJPkZOHzcntCn6udCyX6weTXNw>
Subject: Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 13:41:11 -0000

On Tue, Oct 2, 2018 at 4:51 PM Tim Wicinski <tjw.ietf@gmail.com>; wrote:
>
>
> The chairs and the authors of this document feel that the
> document is in solid shape to proceed to WGLC.
>
>
> This starts a Working Group Last Call for draft-ietf-dnsop-algorithm-update
>
> Current versions of the draft is available here:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-algorithm-update/
>

Section 3.1.

"
 RSASHA1 and RSASHA1-NSEC3-SHA1 are widely deployed, although zones
   deploying it are recommended to switch to ECDSAP256SHA256 as there is
   an industry-wide trend to move to elliptic curve cryptography.
"

And also this paragraph:
"

RSASHA256 is in wide use and considered strong.

"

My suggestion would be to include figures or at minimum a reference.
There is a document from ISOC with 3 tables where there is an analysis
of deployment DNSSEC worldwide.

https://www.internetsociety.org/wp-content/uploads/2017/08/ISOC-State-of-DNSSEC-Deployment-2016-v1.pdf,
Page 23 & Page 24.


> The Current Intended Status of this document is: Proposed Standard
>
> Please review the draft and offer relevant comments.
> If this does not seem appropriate please speak out.
> If someone feels the document is *not* ready for publication, please speak out with your reasons.
>
> This starts a two week Working Group Last Call process, and ends on:  16 October 2018
>
> thanks
> tim
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop