Re: [DNSOP] Last Call: <draft-ietf-dnsop-algorithm-update-05.txt> (Algorithm Implementation Requirements and Usage Guidance for DNSSEC) to Proposed Standard

Warren Kumari <> Mon, 04 March 2019 15:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 97EE912D4F3 for <>; Mon, 4 Mar 2019 07:24:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id S1Z73uj80mZy for <>; Mon, 4 Mar 2019 07:24:17 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4229E131055 for <>; Mon, 4 Mar 2019 07:24:14 -0800 (PST)
Received: by with SMTP id w2so5975414wrt.11 for <>; Mon, 04 Mar 2019 07:24:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LiAND63zrSrJFlmS47Ig+70knmIzQFRDifEkwDb81Ig=; b=GK0DfjuYSR23tQCYCzP9aFzSvmwWFXXjmkv6YgF6njpbmka36UO4LVPyOAkQEnPoAg 7U8FiAgGvGzZT8A17bWF8uFXm3QNP2rQQ9k1tZgaLe9uzON2b3QxtL6x6W/o8lAbG6jn 4uUjJwwPZHuxYfXMiNNB9ERBoGrLR/f1p7qtMXhIdPw6nM+P0gd4/yfiAQhxS8rssHVQ BLvDO3gdmt0RWF6wBHTj/fYScs2ImudRHkAiQM2DeJBAcZdDxYDHRF9nn3UvvQwk32bi SrJsZb3qD7y6v7iphs+1+CGm4JKnQYErtmaGp1icJ6L9LtY5Vi7OUJRCJeDPw/jY8TFn zdsA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LiAND63zrSrJFlmS47Ig+70knmIzQFRDifEkwDb81Ig=; b=nFmcGw7/b9Yl5J3p2B9YfxGdwSSeTAQS6cL5q1DQTJEFmupQANkFmQ0+F2ov+Sz4c0 SvhPcK2rnQiHuPceCWnc5g1Q51CG/lnNIq0OTx2qzgWq2cN87zIVz5CpOVyzUSFis0sq 0OQhsb5iezqLRk6ttVzcsqatJwLGFX28lq/FrWlvHaj33b2fmT26PmsyTAsvrCL8HHTC vrVmrWletHeMmdAcq5v1stSXn691+RiVtw948RMeeGWI9XtbWzOk9jlaYXvE7GlUbo9U PaF9fTeRQTmkO5qOacaKEsIi5TvpjwewKo+z84f8uJgGsfIZwee6WD1DGaxwzA2RXWab wKdw==
X-Gm-Message-State: APjAAAX7a8k9uMlWKhOmSQYO5BKKz/kUUOuucMt1vgISuFGK363LYM+v hip4dB2eelaHafpZtLJNXvCKAaSxEStqJKoZaRsjvN9fMS0=
X-Google-Smtp-Source: APXvYqwg6ycoKDLPdkFeKjW4PivG0/V3EBlaFIshF55MkyZFu9VSkRO1mn/YkYrlFZjKX2y0ClptVR6dQORULW4gpms=
X-Received: by 2002:a05:6000:10cf:: with SMTP id b15mr13457684wrx.32.1551713051861; Mon, 04 Mar 2019 07:24:11 -0800 (PST)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Warren Kumari <>
Date: Mon, 4 Mar 2019 10:23:35 -0500
Message-ID: <>
To: Peter van Dijk <>
Cc: dnsop <>
Content-Type: multipart/alternative; boundary="0000000000003ff6570583465928"
Archived-At: <>
Subject: Re: [DNSOP] Last Call: <draft-ietf-dnsop-algorithm-update-05.txt> (Algorithm Implementation Requirements and Usage Guidance for DNSSEC) to Proposed Standard
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 04 Mar 2019 15:24:20 -0000

On Thu, Feb 28, 2019 at 10:13 AM Peter van Dijk <>

> On 13 Feb 2019, at 20:29, The IESG wrote:
> > The IESG has received a request from the Domain Name System Operations
> > WG
> > (dnsop) to consider the following document: - 'Algorithm
> > Implementation
> > Requirements and Usage Guidance for DNSSEC'
> >   <draft-ietf-dnsop-algorithm-update-05.txt> as Proposed Standard
> >
> > The IESG plans to make a decision in the next few weeks, and solicits
> > final
> > comments on this action. Please send substantive comments to the
> > mailing lists by 2019-02-27. Exceptionally, comments may
> > be
> > sent to instead. In either case, please retain the
> > beginning of
> > the Subject line to allow automated sorting.
> As this pertains to a section that will apparently be removed for
> publication, only posting it here on dnsop@ for historical reasons:
So, RFC7942 (the one about "The Implementation Status" section) says that
this section should contain a note asking for it to be removed (and even
includes boilerplate to copy and paste) -- this document instead says "The
following table contains the status of support in the open-source DNS
signers and validators in the current released versions as of the time
writing this document." which implies it will be left in the document. I
personally think that this is good / helpful, but am not sure how the rest
of the IESG will feel about this...

As of 28-Feb-2019 14:02 I see pdns-4.2.0-beta1 available for download, so I
think that doing what Peter requests is fine.

So, my plan is to 1: ask the authors to please swap the Y to an N as below
and 2: progress the document with the hope that this section will survive
the publication process.

The March telechats are often really full - ADs who are leaving the IESG
try and get old / stuck work finished and off their plate - and so this
would likely only show up on the 2019-04-11 telechat -- so if anyone really
objects to this being (attempted to be) left in, please shout.


> PowerDNS has removed all GOST support as of version 4.2, which is due to
> be released any day now, so please change that cell in section 6.1 to N.
> Kind regards,
> --
> Peter van Dijk
> PowerDNS.COM BV -
> _______________________________________________
> DNSOP mailing list

I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of