On Jan 1, 2021, at 8:53 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > > I note that you didn't answer my question about actual use > of gost and guess that's because you don't have that data > to hand. I'm still interested in that if someone has info > because grounding this in reality seems likely better.
Correct, I have no such data, but others might. The .ru domain (and other domains where GOST might have any traction) are not open for research. > On 01/01/2021 16:38, Paul Hoffman wrote: >> The status quo (standard required) will likely absorb a lot of time >> for the IETF if the WG decides to move the revised GOST forward. It >> will also probably land in the CFRG. Reducing the requirement to RFC >> required allows their document to be informational. >> The WG already has RFC 8624 that talks about what implementers should >> do with various algorithms. Clearly, it will need to be updated for >> the revised GOST regardless of whether the WG changes the IANA >> considerations. >> Also, as a reminder, this isn't only about GOST. In the coming years, >> there will be a raft of post-quantum signing algorithms with >> different signature and key size ratios that people will want >> adopted. Putting every one of them on standards track seems onerous >> to some of us. > Sure, I get all that, but the trade-off is between our time > vs. some properties of the deployed DNS so it may or may not > be that us spending time is the better/cheaper option overall > even if that's a PITA for us. Personally I could more easily > figure out my position on this if I knew how much gost was > really in use. (If it's negligible, then one could argue that > moving the current gost alg to historic or something might be > the better option.) The WG has already adopted the revised GOST document as a WG item; what you are proposing (if the current use is negligible) would be in the opposite direction. --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
