Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On 15/09/2021 23.51, Daniel Migault wrote: I do not have any specific example in mind and as far as I know GOST is standard [1] - This was already the case during the call for adoption and I suppose it was mentioned as an example. To clarify, that DNSSEC-standard GOST only uses crypto that's b

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi Vladimir, Thanks for the feedback. Please see my responses inline. On Wed, Sep 15, 2021 at 1:45 PM Vladimír Čunát wrote: > On 15/09/2021 16.41, Daniel Migault wrote: > > Outside experimentation, especially for national algorithms, this will > > lead to nations having their algorithms qualif

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi, As Paul H. mentioned to me the document is in the last call, I am providing my comments to the last call mailing list. I feel that my comments mostly concern the security consideration sections. Yours, Daniel On Wed, Sep 15, 2021 at 10:41 AM Daniel Migault wrote: > Hi, > > I apologize for

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On 15/09/2021 16.41, Daniel Migault wrote: Outside experimentation, especially for national algorithms, this will lead to nations having their algorithms qualified as standard while other nations having their algorithms qualified as non standard. I would like to understand why this cannot be a

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi, I apologize for the late answer, but here are my comments regarding the draft. I believe the security considerations section needs to mention the interoperability issue if a hash algorithm is not widely supported by the resolvers. This, in my view, can potentially affect the DNS system, and I

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

All The Working Group Last Call for draft-ietf-dnsop-dnssec-iana-cons ended last week, and we've filtered through the comments both pro and con. We feel there is rough consensus to move this forward. thanks Benno/Suzanne/Tim On Wed, Aug 4, 2021 at 11:29 AM Tim Wicinski wrote: > > All > > Th

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

The title page (top left) says this updates RFC 3658, and that RFC is mentioned in the Introduction and listed in the References section, but this document doesn't explain what in that document is being updated. -MSK On Wed, Aug 4, 2021 at 8:29 AM Tim Wicinski wrote: > > All > > This starts a W

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi, Joe, Please allow me to interject, on a few different issues from this thread… Sent from my iPhone > On Aug 12, 2021, at 4:39 PM, Joe Abley wrote: > > Hi Paul, > >> On 12 Aug 2021, at 15:48, Paul Wouters wrote: >> >> On Thu, 12 Aug 2021, Joe Abley wrote: >> This would have been ex

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On Aug 12, 2021, at 16:53, Paul Wouters wrote: > On Thu, 12 Aug 2021, Joe Abley wrote: > >> I think the set of acceptable algorithms is constrained sufficiently often >> by registries and registrars that it makes little sense to consider any >> other case. > > I think this problem is more eas

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On Thu, 12 Aug 2021, Joe Abley wrote: I think the set of acceptable algorithms is constrained sufficiently often by registries and registrars that it makes little sense to consider any other case. I think this problem is more easilly solved. You can reach out to them. So my own order of pre

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi Paul, On 12 Aug 2021, at 15:48, Paul Wouters wrote: > On Thu, 12 Aug 2021, Joe Abley wrote: > >>> This would have been excellent to do when we did DS. It would still be >>> good to do this now, I agree. But it would be too late for some of the >>> things discussed now. >> >> Can you talk mo

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On Thu, 12 Aug 2021, Joe Abley wrote: This would have been excellent to do when we did DS. It would still be good to do this now, I agree. But it would be too late for some of the things discussed now. Can you talk more about why you think so? I did a small presentation during IETF 111 DPRIV

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On Aug 12, 2021, at 10:57, Paul Wouters wrote: > On Thu, 12 Aug 2021, Olafur Gudmundsson wrote: > >> The DS record is a unique record that it lives only at the parent side of >> delegation, when DNS was defined no such records were >> envisioned, if more are needed this working should take up

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

On Thu, 12 Aug 2021, Olafur Gudmundsson wrote: IMHO the ONLY benefit of it is to encourage DS record overloading with random data that has no DNSSEC relevance,  leading to abuse that threatens to turn the DS record into the new TXT overloading record resulting in large DS sets.  Not the only

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

> On Aug 4, 2021, at 11:29 AM, Tim Wicinski wrote: > > > All > > This starts a Working Group Last Call for draft-ietf-dnsop-dnssec-iana-cons > > Current versions of the draft is available here: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-iana-cons/ >

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Sorry, I meant I support the draft On Wed, Aug 11, 2021 at 3:45 PM Dmitry Belyavsky wrote: > I support the adoption > > On Wed, Aug 4, 2021 at 5:29 PM Tim Wicinski wrote: > >> >> All >> >> This starts a Working Group Last Call for >> draft-ietf-dnsop-dnssec-iana-cons >> >> Current versions of t

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

I support the adoption On Wed, Aug 4, 2021 at 5:29 PM Tim Wicinski wrote: > > All > > This starts a Working Group Last Call for draft-ietf-dnsop-dnssec-iana-cons > > Current versions of the draft is available here: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-iana-cons/ > > The Cur

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hello, I support the draft.  (as I wrote in November)  I re-read the current text, though I admit I could miss details relatively easily in process matters. --Vladimir | knot-resolver.cz ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/ma

Re: [DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

Hi, I think this is a good, short draft and I support its publication. The assignment requirement level it imposes is more appropriate than the current requirement. I do have some suggestions which range from minor to trivial: - Delete "some" from the first line of the Abstract. - To avoid

[DNSOP] Working Group Last Call for Revised IANA Considerations for DNSSEC

All This starts a Working Group Last Call for draft-ietf-dnsop-dnssec-iana-cons Current versions of the draft is available here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-iana-cons/ The Current Intended Status of this document is: Standards Track Please review the draft and offer