Return-Path: <libor.peltan@nic.cz>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by ietfa.amsl.com (Postfix) with ESMTP id EF27BC151073
	for <dnsop@ietfa.amsl.com>; Wed, 17 Jul 2024 21:11:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level: 
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5
	tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
	DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
	RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001,
	SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001,
	URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001]
	autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
	header.d=nic.cz
Received: from mail.ietf.org ([50.223.129.194])
	by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id EdYrNpOFdhPC for <dnsop@ietfa.amsl.com>;
	Wed, 17 Jul 2024 21:11:21 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [IPv6:2001:1488:800:400::400])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ietfa.amsl.com (Postfix) with ESMTPS id B7298C151069
	for <dnsop@ietf.org>; Wed, 17 Jul 2024 21:11:21 -0700 (PDT)
Received: from [192.168.207.253] (89-24-37-112.nat.epc.tmcz.cz [89.24.37.112])
	by mail.nic.cz (Postfix) with ESMTPSA id B65941C1234;
	Thu, 18 Jul 2024 06:11:17 +0200 (CEST)
Authentication-Results: mail.nic.cz;
	auth=pass smtp.auth=libor.peltan@nic.cz smtp.mailfrom=libor.peltan@nic.cz
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=nic.cz; s=default;
	t=1721275878; bh=ToYr09NAHjvBSGnt78v9JdDWCHsnrdMuscMSrKqLQlI=;
	h=Date:Subject:To:Cc:References:From:In-Reply-To:From:Reply-To:
	 Subject:To:Cc;
	b=jBmb7ykl+9nBdMXv1tLor8xgoTv9nmfF/m0LTjhIYKxwsAznnYTBjKGOcPyvCAAVg
	 n940FxZqH2AQCPUJrzd3Hl+Lc0xfae6C5ZjW2+EMiIWicempr8WoSND4BlfflYNSkh
	 LQkFsHpgWsmA52okerplXCPRyyOZ5/OSfh9XH3C8=
Message-ID: <d48d8d3c-ee46-4bde-8337-7c6f91d73a89@nic.cz>
Date: Thu, 18 Jul 2024 06:11:16 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: Mark Andrews <marka@isc.org>, Yorgos Thessalonikefs <yorgos@nlnetlabs.nl>
References: 
 <172046952695.458153.14393628216486074514@dt-datatracker-5f88556585-j5r2h>
 <659a0f2a-eb82-4769-ad80-63e4f3a24978@nlnetlabs.nl>
 <BBA7FDFF-34AE-4881-AAB0-27CE71692824@isc.org>
Content-Language: en-US
From: "libor.peltan" <libor.peltan@nic.cz>
In-Reply-To: <BBA7FDFF-34AE-4881-AAB0-27CE71692824@isc.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.103.10 at mail
X-Virus-Status: Clean
X-Rspamd-Server: mail
X-Rspamd-Action: no action
X-Rspamd-Queue-Id: B65941C1234
X-Spamd-Bar: -----
X-Spamd-Result: default: False [-5.09 / 20.00];
	BAYES_HAM(-5.00)[100.00%];
	MIME_GOOD(-0.10)[text/plain];
	XM_UA_NO_VERSION(0.01)[];
	RCVD_COUNT_ZERO(0.00)[0];
	ARC_NA(0.00)[];
	ASN(0.00)[asn:13036, ipnet:89.24.0.0/16, country:CZ];
	MID_RHS_MATCH_FROM(0.00)[];
	NEURAL_HAM(-0.00)[-0.955];
	FROM_HAS_DN(0.00)[];
	TO_DN_ALL(0.00)[];
	MIME_TRACE(0.00)[0:+];
	FROM_EQ_ENVFROM(0.00)[];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCPT_COUNT_THREE(0.00)[3]
Message-ID-Hash: VYPQ64KL2EVCKWOOZ4L52DPJQUDVP46W
X-Message-ID-Hash: VYPQ64KL2EVCKWOOZ4L52DPJQUDVP46W
X-MailFrom: libor.peltan@nic.cz
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0;
 nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size;
 news-moderation; no-subject; digests; suspicious-header
CC: dnsop <dnsop@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: =?utf-8?q?=5BDNSOP=5D_Re=3A_New_Version_Notification_for_draft-yorgos-dnsop-?=
 =?utf-8?q?dry-run-dnssec-02=2Etxt?=
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/dnsop/XtIlXJEokAoDbdEHa2e_FZraoNI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>

Hi,

Dne 17. 07. 24 v 2:18 Mark Andrews napsal(a):
> It is possible to have only burn a single DS Digest Type Algorithm and support
> multiple future algorithms by encoding the actual DS Digest Type Algorithm as
> the first byte of the current digest field.

This is certainly possible, but I think both approches have their 
dis/advantages.

I guess having the dry-run DS and regular DS look equivalent would be 
more comprehensible to DNSSEC beginners.

I seem to remember this discussion has already been performed. If the 
authors considered both approaches and decided for the burning-algorithm 
method, they might want to summarize the arguments in the draft.

Libor