It was the red hat situation that led me to write this. Red hat should have gone to phase 6, not phase 7.
I recommend moving SHASHA1 to phase 6 for the time being. Steve Sent from my iPhone > On Nov 13, 2024, at 7:55 PM, Philip Homburg <pch-dnso...@u-1.phicoh.com> > wrote: > > >> >> See our I-D on lifecycle. It addresses this issue squarely. > > The problem is that RedHat went ahead and disabled support for SHASHA1 > (in the default configuration). That results in systems that > violate the current DNSSEC standards. It seems some people would like to > change the standards in such way that RedHat is no longer violating them. > > Regarding draft-crocker-dnsop-dnssec-algorithm-lifecycle I have two > questions: > 1) Do we expect to delay draft-ietf-dnsop-must-not-sha1 until after > the lifecycle has been accepted and published? > 2) The intended status of the lifecycle draft is informational. Do we > expect that the draft will have a big effect on the current discussion? > _______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
