The recommendations in the document are completely unclear if it is
talking about:
- what should be in signer implementations
- what should be in validator implementations
- what someone who is starting to sign today SHOULD/MUST use
- what someone who is already signing SHOULD/MUST use
I think those four lists are probably different. Before the document is
picked up by the WG, it would be good if it made clear which lists it is
for.
My personal feeling is that if we do the third, we should say MUST NOT
with any SHA1 algorithm because they're going to get nailed in the
future by people who refuse to validate it. If we do the fourth, I would
say SHOULD NOT use now and SHOULD change within two years (or some moral
equivalent of that).
--Paul Hoffman
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
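Added example, not part of the message above: a small audit that applies the split Paul proposes (MUST NOT for someone starting to sign today, SHOULD NOT plus a two-year migration for someone already signing) to the SHA-1 algorithms in a zone's DNSKEY and DS records. It assumes the document under discussion is the DNSSEC algorithm recommendations draft, uses the IANA algorithm numbers that rely on SHA-1 (DNSKEY algorithms 5 and 7, DS digest type 1), and runs over constructed sample records; the function names and the sample zone data are the example's own.

```python
"""Audit DNSKEY and DS records for SHA-1-based DNSSEC algorithms.

Added example (not from the DNSOP thread). Flags the records that the
"new signer MUST NOT / existing signer SHOULD NOT" split would apply to.
Algorithm and digest numbers are from the IANA DNSSEC registries; the
zone data at the bottom is constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional

# IANA "DNS Security Algorithm Numbers": the two DNSKEY algorithms that sign with SHA-1.
SHA1_DNSKEY_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1"}
# IANA "DS RR Digest Algorithms": digest type 1 is SHA-1.
SHA1_DS_DIGEST_TYPES = {1: "SHA-1"}


@dataclass
class Finding:
    owner: str
    rrtype: str
    reasons: list = field(default_factory=list)


def parse_rr(line: str) -> Optional[dict]:
    """Parse one DNSKEY or DS record in presentation format.

    Accepts "owner [TTL] [IN] TYPE fields..." and returns None for blank
    lines, comments, other RR types, and malformed numeric fields.
    """
    line = line.split(";", 1)[0].strip()  # drop zone-file comments
    if not line:
        return None
    tokens = line.split()
    for idx, tok in enumerate(tokens):
        if tok in ("DNSKEY", "DS"):
            break
    else:
        return None
    if idx == 0:  # no owner name in front of the type
        return None
    owner, rrtype, fields = tokens[0], tokens[idx], tokens[idx + 1:]
    try:
        if rrtype == "DNSKEY" and len(fields) >= 4:
            # DNSKEY RDATA: flags protocol algorithm public-key
            return {"owner": owner, "rrtype": rrtype, "algorithm": int(fields[2])}
        if rrtype == "DS" and len(fields) >= 4:
            # DS RDATA: key-tag algorithm digest-type digest
            return {"owner": owner, "rrtype": rrtype,
                    "algorithm": int(fields[1]), "digest_type": int(fields[2])}
    except ValueError:
        return None
    return None


def audit(records):
    """Return a Finding for every DNSKEY or DS record that depends on SHA-1."""
    findings = []
    for line in records:
        rr = parse_rr(line)
        if rr is None:
            continue
        reasons = []
        alg = rr["algorithm"]
        if alg in SHA1_DNSKEY_ALGORITHMS:
            reasons.append(f"algorithm {alg} ({SHA1_DNSKEY_ALGORITHMS[alg]})")
        digest = rr.get("digest_type")
        if digest in SHA1_DS_DIGEST_TYPES:
            reasons.append(f"DS digest type {digest} ({SHA1_DS_DIGEST_TYPES[digest]})")
        if reasons:
            findings.append(Finding(rr["owner"], rr["rrtype"], reasons))
    return findings


def recommendation(already_signing: bool) -> str:
    """Normative wording proposed in the message for the two signer populations."""
    if already_signing:
        return "SHOULD NOT use; SHOULD migrate within two years"
    return "MUST NOT use"


def report(records, already_signing: bool):
    """One line per offending record, with the wording appropriate to the signer."""
    verdict = recommendation(already_signing)
    return [f"{f.owner} {f.rrtype}: {', '.join(f.reasons)} -> {verdict}"
            for f in audit(records)]


# Constructed sample zone data: one SHA-1 KSK, one ECDSA ZSK, and the DS records
# a parent might publish for them. Key and digest material is placeholder text.
SAMPLE_RECORDS = [
    "; constructed example, not real keys",
    "example.test. 3600 IN DNSKEY 257 3 7 AwEAAexampleKskKeyData==",
    "example.test. 3600 IN DNSKEY 256 3 13 exampleEcdsaZskKeyData==",
    "example.test. 3600 IN DS 12345 7 1 0123456789abcdef0123456789abcdef01234567",
    "example.test. 3600 IN DS 12345 7 2 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
    "example.test. 3600 IN DS 54321 13 2 fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210",
    "example.test. 3600 IN A 192.0.2.1",
]

if __name__ == "__main__":
    for line in report(SAMPLE_RECORDS, already_signing=True):
        print(line)
```

Run against a real zone by feeding it the output of `dig DNSKEY` and `dig DS` for the zone; pass already_signing=False to get the stricter wording for a zone that is not signed yet.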