Re: [keyassure] Opening issue #21: "Need to specify which crypto algorithms and certificate types are mandatory to implement"

Phillip Hallam-Baker <hallam@gmail.com> Fri, 25 February 2011 21:51 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7125B3A6A5A for <keyassure@core3.amsl.com>; Fri, 25 Feb 2011 13:51:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.569
X-Spam-Level:
X-Spam-Status: No, score=-3.569 tagged_above=-999 required=5 tests=[AWL=0.029, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PGounF-A1u2L for <keyassure@core3.amsl.com>; Fri, 25 Feb 2011 13:51:15 -0800 (PST)
Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by core3.amsl.com (Postfix) with ESMTP id A95C23A6A48 for <keyassure@ietf.org>; Fri, 25 Feb 2011 13:51:13 -0800 (PST)
Received: by bwz13 with SMTP id 13so2719567bwz.31 for <keyassure@ietf.org>; Fri, 25 Feb 2011 13:52:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=eZeYnkANfzuQkQIeGFpKqPdGCOmAP1ZngB2DaNFE0J4=; b=oCHOyju/JANN3PnMco9Jvu0SpkxoEmjfSHpvQuknZXJKPaJRQrd4Acav8N5MkJ0NWg F0KtiRFjiQz8pDmb68+AIgo1usl0tHc5pI7dhbuJAm6qFPsRWlQn/9S4TTcXbm/WEARq ojb3nZW7lK3LeaZgPnkXjEaNHVM6UKkNJ/Rqg=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=KljMTYtkb6iz10tEyrxVkJvWcGDiN8ro+FVNUdaGtkrdcDyUYt3HJpRyK08dCw75n7 0sl3wf3Miv2Q1VbSImipb/2tAM4HxwboOKeoqDx/7yRGGugHEEDOQ4Kyjn+RT//tLN45 ru0D4aGu1sIwXosC5HRpQb1eyUP2Lb/tqpSaQ=
MIME-Version: 1.0
Received: by 10.204.52.136 with SMTP id i8mr2466912bkg.74.1298670726141; Fri, 25 Feb 2011 13:52:06 -0800 (PST)
Received: by 10.204.14.139 with HTTP; Fri, 25 Feb 2011 13:52:06 -0800 (PST)
In-Reply-To: <9933A160-3DAF-42FA-B5FA-DDF185FA5C63@kumari.net>
References: <9933A160-3DAF-42FA-B5FA-DDF185FA5C63@kumari.net>
Date: Fri, 25 Feb 2011 16:52:06 -0500
Message-ID: <AANLkTimGsc38B+2R03CiW2TzKoiHvj_7NLs0gD=340Tw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Warren Kumari <warren@kumari.net>
Content-Type: multipart/alternative; boundary=001636c5bc0f4fd965049d225780
Cc: keyassure@ietf.org
Subject: Re: [keyassure] Opening issue #21: "Need to specify which crypto algorithms and certificate types are mandatory to implement"
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Feb 2011 21:51:16 -0000

Currently, the only digest algorithm that can be recommended is SHA-2

We really do need SHA2 in here as a MUST, unless we are still discussing
this when the SHA3 competition results are out.


I would strongly suggest NOT supporting SHA1 in any form.

On Fri, Feb 25, 2011 at 4:31 PM, Warren Kumari <warren@kumari.net> wrote:

> Hi all,
>
> While we are all ruminating on the other issues, I figured we might as well
> try address this one:
>
> Need to specify which crypto algorithms and certificate types are mandatory
> to implement -- http://trac.tools.ietf.org/wg/dane/trac/ticket/21
>
> Description:
> Currently, the draft is silent on which crypto algorithms and certificate
> types must be implemented for interoperability. It should be specific before
> the document is finished.
>
>
> W
> _______________________________________________
> keyassure mailing list
> keyassure@ietf.org
> https://www.ietf.org/mailman/listinfo/keyassure
>



-- 
Website: http://hallambaker.com/