Re: draft-ietf-dnsext-dnssec-gost

Basil Dolmatov <dol@cryptocom.ru> Fri, 12 February 2010 11:59 UTC


Martin Rex wrote:

> Admittedly, I know very little about the cryptographic
> details, but there are two GOST signature algorithms
> (GOST R34.10-1994 and GOST R34.10-2001). The earlier
> appears to bear some similarity with DH, the newer appears to bear
> similarity with ECDH.  

> Whether and how much the -1994 version is
> deprecated is also a complete mystery.  

It is written in the text of GOST -2001:

    2. GOST R 34.10-2001 was accepted and activated by the Act 380-st of
    12.09.2001 issued by the Russian federal committee for standards.

    ...

    4. GOST R 34.10-2001 replaces GOST R 34.10-94.

So, GOST -1994 for digital signature _is_ deprecated and replaced from 
12.09.2001.

The transition period is not stated explicitly because it is obvious 
from the standard procedure of certification in Russia.

No certificate can be issued for any hardware/software using the -1994 
algorithm after 12.09.2001 and the certification period is 3 years.

So, after 12.09.2004 there can be no operating hardware/software using 
the -1994 algorithm.

Just that simple. ;)

dol@