Protocol Action: 'Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC' to Proposed Standard

The IESG <iesg-secretary@ietf.org> Fri, 02 October 2009 16:20 UTC

Return-Path: <wwwrun@core3.amsl.com>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 30) id 6AE7A3A6A6E; Fri, 2 Oct 2009 09:20:23 -0700 (PDT)
X-idtracker: yes
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC' to Proposed Standard
Message-Id: <20091002162023.6AE7A3A6A6E@core3.amsl.com>
Date: Fri, 2 Oct 2009 09:20:23 -0700 (PDT)
Cc: dnsext mailing list <namedroppers@ops.ietf.org>, dnsext chair <dnsext-chairs@tools.ietf.org>, Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Oct 2009 16:20:23 -0000

The IESG has approved the following document:

- 'Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records 
   for DNSSEC '
   <draft-ietf-dnsext-dnssec-rsasha256-14.txt> as a Proposed Standard


This document is the product of the DNS Extensions Working Group. 

The IESG contact persons are Ralph Droms and Jari Arkko.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-rsasha256-14.txt

Technical Summary

   This document describes how to produce RSA/SHA-256 and RSA/SHA-512
   DNSKEY and RRSIG resource records for use in the Domain Name System
   Security Extensions (DNSSEC, RFC 4033, RFC 4034, and RFC 4035).

Working Group Summary

   The DNS Extensions Working Group had consensus to publish the
   document. 

Document Quality

   The document received thorough review, and it is expected that
   vendors supporting DNSSEC will implement SHA-2 once the document is
   published. During Working Group Last Call, there were objections
   that an earlier approach, which tied SHA-2 to implementation of
   NSEC3, would be a barrier for adoption by some vendors, so the
   specification was changed to avoid the link.

Personnel

   Andrew Sullivan (ajs@shinkuro.com) is the Document Shepherd.
   Ralph Droms (rdroms@cisco.com) is the Responsible AD.