On Sep 9, 2021, at 8:28 AM, Paul Wouters <p...@nohats.ca> wrote: > This is hinted strongly at in 2006: > > https://datatracker.ietf.org/doc/html/rfc4509#section-6.2 > > and even stronger via a MUST NOT in 2019's RFC 8624: > > https://datatracker.ietf.org/doc/html/rfc8624#section-3.3
RFC 8624 is implementation guidance, not deployment guidance. This WG discussed at length whether to include deployment guidance (particularly for weaker algorithms like SHA1) and concluded that we didn't want to do that. You should know this, given that you are co-editor of RFC 8624. > What's the process for requesting the SHA-1 based DS record deletation for > .arpa? Did you first ask the administrators of the zone in question before sending this message to a grooup that has no administrative power over the zone? --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
