Re: draft-ietf-dnsext-dnssec-gost

Andrew Sullivan <> Fri, 12 February 2010 15:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4F73228C1AA for <>; Fri, 12 Feb 2010 07:38:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.07
X-Spam-Status: No, score=-2.07 tagged_above=-999 required=5 tests=[AWL=0.529, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2aFl8OyEdza6 for <>; Fri, 12 Feb 2010 07:38:11 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 5968028B23E for <>; Fri, 12 Feb 2010 07:38:11 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id B1E501ECB4E8; Fri, 12 Feb 2010 15:39:28 +0000 (UTC)
Date: Fri, 12 Feb 2010 10:39:27 -0500
From: Andrew Sullivan <>
To: Basil Dolmatov <>
Subject: Re: draft-ietf-dnsext-dnssec-gost
Message-ID: <>
References: <p06240806c799d87e7406@[]> <> <> <p06240804c79a234f3ad8@[]> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.18 (2008-05-17)
Cc:, Paul Hoffman <>, Olafur Gudmundsson <>,
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 12 Feb 2010 15:38:12 -0000

On Fri, Feb 12, 2010 at 03:12:30PM +0300, Basil Dolmatov wrote:

> ...have had much less _published_ cryptographic review... I would say. ;)

I am not a security expert, but I've never met one who thought that
unpublished cryptographic review was worth a dime.  Moreover, for the
purposes of the IETF, if something isn't published it might as well
not exist: we have no way of knowing one way or the other.

If you mean "published to a limited and vetted community of
NDA-covered experts", that might yield different conclusions about the
value of the review (depending I guess on how free those experts think
they are to disagree).  But it would have no effect on the value of
those reviews for IETF purposes, which just depends on the publication
(and, actually, publication in a language the community can

I have no feelings about the merits of the algorithm.  But there are
too many side issues in this discussion already without us getting
into a battle of whether the review is adequate: the reviews aren't
apparently available as far as this community is concerned,
unfortunately, even if they've been done


Andrew Sullivan
Shinkuro, Inc.