Dear Paul, On Mon, Apr 27, 2020 at 3:51 AM Paul Wouters <p...@nohats.ca> wrote:
> On Thu, 23 Apr 2020, Tim Wicinski wrote: > > > We've uploaded the minutes from today's session > > Thanks for the minutes. One comment on the GOST comment from Jim: > > > Jim: Supports work > Wants references to old ones to be deprecated > > > Note that RFC-8624 already made algorithm 12 (ECC-GOST) a "MUST NOT" > for signing and a "MAY" for validation. > > I agree that for 8624bis, the MAY should become a MUST NOT. Ideally > after we have the new GOST DNSKEY algorithm. The justification is that > this algorithm has been obsolete for a while now, and there is no real > deployment of it. As far as I know, there were only two domains in .ru > that used it, mostly for testing? Maybe Viktor, Dmitry or Stanislav > could confirm this. > There were more than 2 domains :) I see some elements of a vicious circle there. Lack of support of GOST in DNSSEC software causes a lack of popularity even in Russia. So now the standard and its implementation were done simultaneously. -- SY, Dmitry Belyavsky
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
