[Last-Call] Secdir last call review of draft-ietf-dnsop-rfc5933-bis-10

Mohit Sethi via Datatracker <noreply@ietf.org> Sun, 09 October 2022 18:58 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Mohit Sethi via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: dnsop@ietf.org, draft-ietf-dnsop-rfc5933-bis.all@ietf.org, last-call@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <166534188656.48677.1648143875186425210@ietfa.amsl.com>
Reply-To: Mohit Sethi <mohit@iki.fi>
Date: Sun, 09 Oct 2022 11:58:06 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/7AmrQHJE0kwEOrNK1YwrD_mPGOo>
Subject: [Last-Call] Secdir last call review of draft-ietf-dnsop-rfc5933-bis-10

Reviewer: Mohit Sethi
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG. These comments
were written primarily for the benefit of the security area directors. Document
editors and WG chairs should treat these comments just like any other last-call
comments.

This document updates the old GOST digital signature and hash algorithm with
the new ones for usage in DNSKEY, RRSIG, and DS resource records.

Section 8 explains how the paragraph describing the state of GOST algorithms in
section 3.1 of RFC 8624 is updated. Why is section 3.3 of RFC 8624 containing
the text "GOST R 34.11-2012 has not been standardized for use in DNSSEC." not
updated in a similar fashion?

[Last-Call] Secdir last call review of draft-ietf… Mohit Sethi via Datatracker