Re: [DNSOP] new DNS classes

2017-07-10 Thread Andrew Sullivan
On Mon, Jul 10, 2017 at 11:14:26AM +1000, Mark Andrews wrote: > b) For DNS tools to add support for allocated data types within X > months of them being assigned by IANA. Allocated types are > supposed to have stable wire and presentation formats. > > for a reasonable value of X (<= 12?).

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Bob Harold
On Tue, Jul 4, 2017 at 11:42 AM, Shumon Huque wrote: > Hi folks, > > We've posted a new draft on algorithm negotiation which we're hoping to > discuss at IETF99 (and on list of course). I've discussed this topic with > several folks at DNS-OARC recently. > > https://tools.ietf.org/html/draft-

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 1:50 PM, Bob Harold wrote: > > On Tue, Jul 4, 2017 at 11:42 AM, Shumon Huque wrote: > >> Hi folks, >> >> We've posted a new draft on algorithm negotiation which we're hoping to >> discuss at IETF99 (and on list of course). I've discussed this topic with >> several folks a

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Michael H. Warfield
On Mon, 2017-07-10 at 13:50 -0400, Bob Harold wrote: > On Tue, Jul 4, 2017 at 11:42 AM, Shumon Huque > wrote: > > Hi folks, ... > And perhaps a really dumb off-topic question: > I do not use DNSSEC yet, mostly due to time and effort, secondly due > to concern over the additional size and proces

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 2:53 PM, Shumon Huque wrote: > On Mon, Jul 10, 2017 at 1:50 PM, Bob Harold wrote: > >> >> On Tue, Jul 4, 2017 at 11:42 AM, Shumon Huque wrote: >> >>> Hi folks, >>> >>> We've posted a new draft on algorithm negotiation which we're hoping to >>> discuss at IETF99 (and on l

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Paul Wouters
On Mon, 10 Jul 2017, Shumon Huque wrote: We've posted a new draft on algorithm negotiation which we're hoping to discuss at IETF99 (and on list of course). I've discussed this topic with several folks at DNS-OARC recently. https://tools.ietf.org/html/draft-huque-dnssec-alg-nego-00 I'm not

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Ólafur Guðmundsson
Shumon, In section 5 your draft says: If an Authoritative Server has no algorithms in common with the Preferred Algorithms list in the incoming query, it MUST send back a SERVFAIL response (Response Code 2). This response MUST contain the list of algorithms supported by the server in

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 5:00 PM, Paul Wouters wrote: > On Mon, 10 Jul 2017, Shumon Huque wrote: > > We've posted a new draft on algorithm negotiation which we're hoping >> to discuss at IETF99 (and on list of course). I've discussed this >> topic with several folks at DNS-OARC recently. >> >>

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 5:01 PM, Ólafur Guðmundsson wrote: > Shumon, > > In section 5 your draft says: > > If an Authoritative Server has no algorithms in common with the > Preferred Algorithms list in the incoming query, it MUST send back a > SERVFAIL response (Response Code 2). This r

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Mark Andrews
In message , Shumon Huque writes: > On Mon, Jul 10, 2017 at 5:00 PM, Paul Wouters wrote: > > > On Mon, 10 Jul 2017, Shumon Huque wrote: > > > > We've posted a new draft on algorithm negotiation which we're hoping > >> to discuss at IETF99 (and on list of course). I've discussed this > >> topic

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Paul Wouters
On Mon, 10 Jul 2017, Shumon Huque wrote: Perhaps we didn't explain it clearly enough, so let me give you a concrete example: My zone is currently signed with 2048-bit RSASHA256. I want to offer signatures with Ed448 (or some other new algorithm) also, so that newer validators can take advanta

Re: [DNSOP] I-D Action: draft-ietf-dnsop-terminology-bis-06.txt

2017-07-10 Thread Paul Hoffman
On 3 Jul 2017, at 1:48, Peter van Dijk wrote: > Hello, > > On 1 Jul 2017, at 23:40, internet-dra...@ietf.org wrote: > >> Abstract: >> The DNS is defined in literally dozens of different RFCs. The >> terminology used by implementers and developers of DNS protocols, and >> by operators of

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 6:55 PM, Paul Wouters wrote: > On Mon, 10 Jul 2017, Shumon Huque wrote: > >> >> So the goal is not to have them "permanently" signed with multiple >> algorithms, but for a defined transition period, which may not be very >> short. At that point, the older algorithm would b

Re: [DNSOP] New draft: Algorithm Negotiation in DNSSEC

2017-07-10 Thread Shumon Huque
On Mon, Jul 10, 2017 at 6:41 PM, Mark Andrews wrote: > > > > I also don't want to deploy only Ed448 and cause my zone to be instantly > > treated as unsigned by the vast majority of resolvers. Obviously, because > > I've nullified the security benefit of DNSSEC, but also because I have > > applica