On 5 Apr 2017, at 1:42, Mukund Sivaraman wrote:
Name: draft-muks-dnsop-dnssec-sha3
NIST's use case for SHA3 algorithms is for when particular SHA2 algorithms are weakened. This would mean that the fallback for RSASHA256 is RSASHA512, not a SHA3 variant. Thus, the premise for this entire draft (which isn't listed until the end...) is flawed.
Also, it is weird that a draft that is about having a fallback if a hash algorithm becomes weakened uses the RSASSA-PKCS1-v1_5 signature scheme, given that PKCS1 1.5 is already known to be weakened.
--Paul Hoffman