Re: [DNSOP] [Ext] Call for Adoption: draft-hardaker-dnsop-rfc8624-bis, must-not-sha1, must-not-ecc-gost
John R Levine <johnl@taugh.com> Thu, 02 May 2024 12:32 UTC
Date: Thu, 02 May 2024 08:32:07 -0400
Message-ID: <a208a6ae-f476-0b53-15eb-4e289a1cbabe@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Philip Homburg <pch-dnsop-5@u-1.phicoh.com>, dnsop@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/YATxM2-54FAEznedEpmxAQqX16c>

>> I'm with Peter, I do not see a MUST NOT as requiring vendors or operators
>> to do stupid stuff.
>
> For my understanding, do you mean to say that if we publish that a signer
> MUST NOT generate signatures using algorithms 5 and 7, then the signer can
> just do that if it generates an annoying warning each time you sign?
>
> To me that sounds more like a SHOULD NOT.

MUST NOT is advice on how to interoperate, not on how to write software
tools. It's up to the zone operator to follow the advice, not to the tool
provider to hold them hostage.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly