Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update

Ondřej Surý <ondrej@isc.org> Tue, 23 October 2018 17:39 UTC

Return-Path: <ondrej@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EEBA130E9F for <dnsop@ietfa.amsl.com>; Tue, 23 Oct 2018 10:39:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.921
X-Spam-Level:
X-Spam-Status: No, score=-5.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OBDEhUJ_j9t5 for <dnsop@ietfa.amsl.com>; Tue, 23 Oct 2018 10:39:25 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 852171274D0 for <dnsop@ietf.org>; Tue, 23 Oct 2018 10:39:25 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 72CAF3AB042; Tue, 23 Oct 2018 17:39:25 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 60DAD160077; Tue, 23 Oct 2018 17:39:25 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 521A3160076; Tue, 23 Oct 2018 17:39:25 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id a6gDD2ksiCWq; Tue, 23 Oct 2018 17:39:25 +0000 (UTC)
Received: from [10.10.0.181] (40.20.broadband5.iol.cz [88.100.20.40]) by zmx1.isc.org (Postfix) with ESMTPSA id 4FE24160042; Tue, 23 Oct 2018 17:39:24 +0000 (UTC)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.100.43\))
From: =?utf-8?B?T25kxZllaiBTdXLDvQ==?= <ondrej@isc.org>
In-Reply-To: <20181016.000457.1043014259425988884.fujiwara@jprs.co.jp>
Date: Tue, 23 Oct 2018 19:39:21 +0200
Cc: tjw.ietf@gmail.com, dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <2D91032A-6054-477D-AE35-4EE3B924DEFF@isc.org>
References: <CADyWQ+GqybVhe6c-L_LyFB4wQPxOhOfMy_uwv46nSc2Y5-7FEQ@mail.gmail.com> <CADyWQ+Eq5OV5gi90-oCgAJ53yQ6-pw6+Aa+jDyoMLF8dSoZY_A@mail.gmail.com> <20181016.000457.1043014259425988884.fujiwara@jprs.co.jp>
To: "fujiwara@jprs.co.jp" <fujiwara@jprs.co.jp>, Paul Wouters <paul@nohats.ca>
X-Mailer: Apple Mail (2.3445.100.43)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/iO_XyDP8Zwlx8XdhDLc-Rj-pDHE>
Subject: Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Oct 2018 17:39:28 -0000

Fujiwara-san,

I don’t exactly understand why such table would be better than existing text that say:

> 3.2.  DNSKEY Algorithm Recommendation
> 
>    Operation recommendation for new and existing deployments.
> 
>    Due to industry-wide trend to move to elliptic curve cryptography,
>    the ECDSAP256SHA256 is RECOMMENDED for use by new DNSSEC deployments,
>    and users of RSA based algorithms SHOULD upgrade to ECDSAP256SHA256.


I believe this is clear enough.

As for the second column, I am strongly opposed to saying what would the recommendation
be in ‘2 years’.  We have no idea about the deployment of Ed25519 resolvers[*], neither about
RSA.

But this is a type of document that needs to be regularly refreshed when needed, so we can
issue another update in 2-5 years...

Ondrej

* - I also suspect that saying “usable” is too optimistic given that support for Ed25519 requires
new OpenSSL 1.1.0 and the general glacier-speed deployments of new software.
--
Ondřej Surý
ondrej@isc.org

> On 15 Oct 2018, at 17:04, fujiwara@jprs.co.jp wrote:
> 
> WGLC comment to draft-ietf-dnsop-algorithm-update-02
> 
> Section 3.2 is "recommendations for operators".
> 
> There is texts that discuss ECDSAP256SHA256 only in section 3.2.
> However, RSASHA256 is still usable.
> Please add text about other algorithms.
> if there is a table similar to section 3.1, it will help operators.
> 
> For example,
>                 choice of                | choice of
>                 sigining algorithm (now) | sigining algorithm (2 years Later)
>  ----------------------------------------------------------------------------
>  RSASHA1*        MUST NOT                | MUST NOT
>  RSASHA256       usable                  | usable/consider change to EC*/Ed*
>  ECDSAP256*      usable                  | usable
>  Ed25519         MAY                     | usable
> 
> 
> Regards,
> 
> --
> Kazunori Fujiwara, JPRS <fujiwara@jprs.co.jp>;
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop