Re: [secdir] review of draft-ietf-dnsext-dnssec-gost-05

Nicolas Williams <Nicolas.Williams@sun.com> Fri, 08 January 2010 21:35 UTC

Date: Fri, 08 Jan 2010 15:20:13 -0600
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: David McGrew <mcgrew@cisco.com>
Cc: secdir@ietf.org

On Fri, Jan 08, 2010 at 01:10:14PM -0800, David McGrew wrote:
> I also agree with the compelling reasons that Steve and Paul have  
> articulated.

+1

> I'm confused about one point, though.  The IANA considerations section  
> in draft-ietf-dnsext-dnssec-gost-06 asks for GOST R 34.10-2001 and  
> GOST R 34.11-94 to be registered as OPTIONAL.  Was there some  
> suggestion to make them mandatory?

"
6.1.  Support for GOST signatures

   DNSSEC aware implementations SHOULD be able to support RRSIG and
   DNSKEY resource records created with the GOST algorithms as
   defined in this document.
...
8.  IANA Considerations
...
                                     Zone    Trans.
   Value  Algorithm         Mnemonic Signing Sec.  References   Status
   {TBA1} GOST R 34.10-2001 GOST     Y       *     (this memo)  OPTIONAL
...
   Value   Algorithm        Status
   {TBA2}  GOST R 34.11-94  OPTIONAL
"

Sections 6.1 and 8 are in conflict.

Nico
--