Re: WG LC results summary: draft-ietf-dnsext-ds-sha256-03.txt

Ólafur Guðmundsson /DNSEXT co-chair <ogud@ogud.com> Fri, 13 January 2006 16:15 UTC

From: Ólafur Guðmundsson /DNSEXT co-chair <ogud@ogud.com>
Subject: Re: WG LC results summary: draft-ietf-dnsext-ds-sha256-03.txt
Date: Fri, 13 Jan 2006 11:15:30 -0500
Cc: Wes Hardaker <hardaker@tislabs.com>
To: DNSEXT WG <namedroppers@ops.ietf.org>

Thanks Wes, for this excellent summary.

As the spreading chair for this document:
The document has received sufficient review and support to be advanced.
The document editor has addressed all issues raised during the WG
and will issue a new version that resolves a new issue raised with
clarity.

Once the new version is issued, I will request that the IESG
process this document on an expedited schedule for publication
as Proposed Standard.

         Olafur

At 10:58 13/01/2006, Wes Hardaker wrote:

>At the end of the WG last call for draft-ietf-dnsext-ds-sha256-03.txt
>I determined the following issues needed to be fixed based on comments
>submitted to the WG and have made changes accordingly:
>
>1) draft-eastlake-sha2 should be referenced informationally.
>    action: informational reference added.  Note that the suggestion
>    was made by Eastlake, I didn't disagree and there were no other
>    opinions submitted.
>
>2) The implementation requirements stating that implementations had to
>    be configurable with respect to preferring one algorithm over
>    another was disagreed over.  At best, it doesn't meet consensus.
>    At worst, it's disliked.  Unfortunately two conversations have
>    taken place with different results (one before last call, and one
>    after) and the upshot is that at least consensus wasn't reached so
>    the words have been removed and replaced with a single SHOULD that
>    specifies SHA-256 DS records SHOULD be preferred by validators over
>    SHA-1 DS records.
>
>3) Security wording was added to the security section to reference
>    how downgrade attacks can happen without preference of SHA-256 over
>    SHA-1 (it was stated more generically).
>
>4) minor typos and grammatical fixes.
>
>A complete comparison of changes from -02 to -03 can be found at:
>
>http://tools.ietf.org/wg/dnsext/draft-ietf-dnsext-ds-sha256/draft-ietf-dnsext-ds-sha256-03-from-02.diff.html
>
>There are no outstanding issues left with the document that have been
>brought to my attention (aside from what's mentioned below) and the
>document is ready to be given to the ADs for IETF last call.
>
>----------
>
>Mail since the WG last call was closed officially was received from
>David Blacka preferring the wording "The DS record with the SHA-256
>digest fails to match the digest computed using the child zone's
>DNSKEY." over "The DS record with the SHA-256 digest fails to match
>the signature computed using the child zone's DNSKEY".  Technically
>this is beyond last call, but I've changed it in my local copy since
>we have IETF last call to go through anyway.  I'd be happy to a)
>publish a -04 if the chairs wish;  b) remove it until it's re-brought
>up in ietf last call;  c) leave it in my local copy.  I'll do c by
>default unless told otherwise by the chairs.
>
>--
>Wes Hardaker
>Sparta, Inc.
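
The preference rule from item 2 and the downgrade concern from item 3 of the summary, as an added Python example that is not part of either message or of the draft. Function names and key bytes are constructed for illustration, key tag and algorithm matching are left out, and a SHA-1 break is only modelled by letting the SHA-1 DS match a second key.

```python
import hashlib
import struct

SHA1, SHA256 = 1, 2  # DS digest type numbers
HASHES = {SHA1: hashlib.sha1, SHA256: hashlib.sha256}

def name_to_wire(name):
    """Canonical (lower-case) wire form of a fully qualified owner name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA: flags (16 bit), protocol, algorithm, then the key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def ds_digest(owner, rdata, digest_type):
    """DS digest = hash(owner name | DNSKEY RDATA), per RFC 4034."""
    return HASHES[digest_type](name_to_wire(owner) + rdata).digest()

def usable_ds(ds_rrset):
    """If any SHA-256 DS is present, SHA-1 DS records are not used."""
    if any(dt == SHA256 for dt, _ in ds_rrset):
        return [(dt, d) for dt, d in ds_rrset if dt == SHA256]
    return [(dt, d) for dt, d in ds_rrset if dt in HASHES]

def dnskey_authenticated(owner, rdata, ds_rrset, prefer_sha256=True):
    """True when a usable DS digest matches the digest of this DNSKEY."""
    if prefer_sha256:
        candidates = usable_ds(ds_rrset)
    else:  # hypothetical validator with no preference: any known type counts
        candidates = [(dt, d) for dt, d in ds_rrset if dt in HASHES]
    return any(ds_digest(owner, rdata, dt) == d for dt, d in candidates)

# Constructed sample data (not real keys).
OWNER = "example.com."
GENUINE = dnskey_rdata(257, 3, 5, b"genuine-public-key-bytes")
FORGED = dnskey_rdata(257, 3, 5, b"forged-public-key-bytes")
# Model of a broken SHA-1: the parent's SHA-1 DS also matches the forged key,
# while the SHA-256 DS matches only the genuine key.
DS_RRSET = [(SHA1, ds_digest(OWNER, FORGED, SHA1)),
            (SHA256, ds_digest(OWNER, GENUINE, SHA256))]

if __name__ == "__main__":
    print("genuine, SHA-256 preferred:", dnskey_authenticated(OWNER, GENUINE, DS_RRSET))
    print("forged,  SHA-256 preferred:", dnskey_authenticated(OWNER, FORGED, DS_RRSET))
    print("forged,  no preference:    ",
          dnskey_authenticated(OWNER, FORGED, DS_RRSET, prefer_sha256=False))
```

The comparison is between digests, not signatures, which is the distinction behind the wording change discussed at the end of the summary.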

