On Thu, Jul 25, 2024 at 5:50 PM Yorgos Thessalonikefs <yor...@nlnetlabs.nl> wrote:
> On 26/07/2024 02:43, Paul Hoffman wrote: > > There is a mismatch here. If the worry is an attacker creating colliding > key tags to cause more work, that attacker is simply going to ignore the > MUST requirement. > I believe the idea is that with that MUST in place, validators can error > out on collisions. > > But I do want to see a flag day for validators (either failing on the > first or second collision) for all algorithms. > Yes, that possibility is listed in the draft too (require non colliding key tags for existing algorithms too at some future flag date). Shumon.
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
