On Tue, Jan 7, 2025 at 1:45 PM Paul Wouters <p...@nohats.ca> wrote:
> On Tue, 7 Jan 2025, Paul Hoffman wrote: > > > draft-ietf-dnsop-must-not-sha1 > > > > This document is fine as-is, with one minor nit: Appendix C should be > marked for removal by the RFC Editor, similar to Appendix B. > > I think the Title and Abstract are broken. It currently states: > > Remove SHA-1 from active use within DNSSEC > > Abstract > > This document retires the use of SHA-1 within DNSSEC. > > > As we are not removing SHA-1 from NSEC3, I believe the title and abtract > (and perhaps more content) should clarify that this is about removing > SHA-1 as hashing and signature algorithm. > Yes, indeed. The title and abstract need to include wording that clearly states the actual scope of the document - deprecating the use of SHA1 in DNSSEC signature algorithms. (I would avoid saying "hashing and signature algorithms", since NSEC3 uses SHA1 as a name hashing algorithm). Shumon.
_______________________________________________ DNSOP mailing list -- dnsop@ietf.org To unsubscribe send an email to dnsop-le...@ietf.org
