Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update

fujiwara Mon, 15 Oct 2018 08:05:39 -0700

WGLC comment to draft-ietf-dnsop-algorithm-update-02

Section 3.2 is "recommendations for operators".


There is texts that discuss ECDSAP256SHA256 only in section 3.2.
However, RSASHA256 is still usable.
Please add text about other algorithms.
if there is a table similar to section 3.1, it will help operators.

For example,
                 choice of                | choice of
                 sigining algorithm (now) | sigining algorithm (2 years Later)
  ----------------------------------------------------------------------------
  RSASHA1*        MUST NOT                | MUST NOT
  RSASHA256       usable                  | usable/consider change to EC*/Ed*
  ECDSAP256*      usable                  | usable
  Ed25519         MAY                     | usable


Regards,

--
Kazunori Fujiwara, JPRS <fujiw...@jprs.co.jp>

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Working Group Last Call for: draft-ietf-dnsop-algorithm-update

Reply via email to