[DNSOP] [Errata Rejected] RFC8624 (8144)
RFC Errata System <rfc-editor@rfc-editor.org> Mon, 02 June 2025 05:14 UTC
Return-Path: <wwwrun@rfcpa.rfc-editor.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from rfcpa.rfc-editor.org (unknown [167.172.21.234]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id BE1952F8A8FC; Sun, 1 Jun 2025 22:14:04 -0700 (PDT)
Received: by rfcpa.rfc-editor.org (Postfix, from userid 461) id 80B3527BA35; Sun, 1 Jun 2025 22:14:04 -0700 (PDT)
To: rwagner@tesla.net, pwouters@redhat.com, ondrej@isc.org
From: RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20250602051404.80B3527BA35@rfcpa.rfc-editor.org>
Date: Sun, 01 Jun 2025 22:14:04 -0700
Message-ID-Hash: D4G6XHDV3LTUCKDODS2GC6MUPCCRUMBP
X-Message-ID-Hash: D4G6XHDV3LTUCKDODS2GC6MUPCCRUMBP
X-MailFrom: wwwrun@rfcpa.rfc-editor.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: mohamed.boucadair@orange.com, iesg@ietf.org, dnsop@ietf.org, rfc-editor@rfc-editor.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] [Errata Rejected] RFC8624 (8144)
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/fhtFnDlm2n97fHmafstSbJTgsRw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
The following errata report has been rejected for RFC8624, "Algorithm Implementation Requirements and Usage Guidance for DNSSEC". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid8144 -------------------------------------- Status: Rejected Type: Technical Reported by: Robert Wagner <rwagner@tesla.net> Date Reported: 2024-10-16 Rejected by: Mohamed Boucadair (IESG) Section: 3.3 Original Text ------------- This document updates the IANA registry "Delegation Signer (DS) Resource Record (RR) Type Digest Algorithms". The registry has been updated by the following table from section 3.3: +--------+-----------------+-------------------+-------------------+ | Number | Mnemonics | DNSSEC Delegation | DNSSEC Validation | +--------+-----------------+-------------------+-------------------+ | 0 | NULL (CDS only) | MUST NOT [*] | MUST NOT [*] | | 1 | SHA-1 | MUST NOT | MUST | | 2 | SHA-256 | MUST | MUST | | 3 | GOST R 34.11-94 | MUST NOT | MAY | | 4 | SHA-384 | MAY | RECOMMENDED | +--------+-----------------+-------------------+-------------------+ Corrected Text -------------- This document updates the IANA registry "Delegation Signer (DS) Resource Record (RR) Type Digest Algorithms". The registry has been updated by the following table from section 3.3: +--------+-----------------+-------------------+-------------------+ | Number | Mnemonics | DNSSEC Delegation | DNSSEC Validation | +--------+-----------------+-------------------+-------------------+ | 0 | NULL (CDS only) | MUST NOT [*] | MUST NOT [*] | | 1 | SHA-1 | MUST NOT | MUST | | 2 | SHA-256 | MUST | MUST | | 3 | GOST R 34.11-94 | MUST NOT | MAY | | 4 | SHA-384 | MAY | RECOMMENDED | | 5 | SHA-512 | MAY | MAY | +--------+-----------------+-------------------+-------------------+ Notes ----- Requesting DNSSEC be allowed to fully support the Commercial National Security Algorithm Suite 2.0 - series of hashes. This is part of NISTs Post Quantum Cryptography effort --VERIFIER NOTES-- Please see * https://mailarchive.ietf.org/arch/msg/dnsop/KXEI6RgnkN-S4uKL8DvhwGEsYrI/ * https://mailarchive.ietf.org/arch/msg/dnsop/EgKunMFXJ_0ZxHvhRNQTPBvccIY/ -------------------------------------- RFC8624 (draft-ietf-dnsop-algorithm-update-10) -------------------------------------- Title : Algorithm Implementation Requirements and Usage Guidance for DNSSEC Publication Date : June 2019 Author(s) : P. Wouters, O. Sury Category : PROPOSED STANDARD Source : Domain Name System Operations Stream : IETF Verifying Party : IESG
- [DNSOP] [Errata Rejected] RFC8624 (8144) RFC Errata System