On Tue, Jan 17, 2023 at 01:56:04PM +0100, Otto Moerbeek wrote: > Hi, > > I was wondering about RFC9276 which says: "SHOULD NOT use salt", while > RFC5155 section 7.1. says: > > "If a hash collision is detected, then a new salt has to be chosen, > and the signing process restarted." > > Now I know it is *very* unlikely to see a collision when signing a > zone, but is this perhaps the reason why the iterations count MUST be > 0, while a salt SHOULD NOT be used, so that a salt remains legal to > use? > > If so, it would be nice to mention that reason, maybe in an errata (if > extra explanation is allowed to be added in an errata). > > Are there maybe other considerations why one is a MUST and the other a > SHOULD NOT?
The use or not of a salt is a considerations taken from the point of view of the signer. It has nearly zero implications regarding the main concern of the document. But you do have a very good point, even though very unlikely, on the mitigation venue of a possible hash collision. > Thanks, > > -Otto Fred _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
