> On Aug 10, 2022, at 10:30, Robert Moskowitz <rgm-...@htt-consult.com> wrote: > > I will fix my example. Do you think I should have both examples: with and > without gateway?
No. First because you are not tunneling and it doesn’t apply to you and second because it can only be set for IPSECKEY records in the reverse zones, not in any forward zones. > Current IANA registry is: > > 0 No key is present [RFC4025] > 1 A DSA key is present, in the format defined in [RFC2536] [RFC4025] > 2 A RSA key is present, in the format defined in [RFC3110] [RFC4025] > 3 An ECDSA key is present, in the format defined in [RFC6605] > [RFC8005] > > > Per Paul's request I am coming up that for EdDSA I would ask the following be > added: > > 4 An EdDSA Public key is present, in the format defined in [RFC8080] > [This] > > > Note the addition of "Public" > > So should 1 - 3 also have "Public" added? > Should 4 NOT have "Public" > Should text be added describing this registry to be for "Public" keys? I think it should have public and an errata could be filed for 1-3 ? Or we can draft a separate draft for encoding algo 14 (digital signatures) that also fixes up these entries ? Or this draft could fix them ? Maybe the chairs or AD could give guidance here 😀 Thanks Bob! Paul
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
