Dear DNSOP, I asked Dmitry to please bring this document to DNSOP for discussion; DNSOP is where we generally discuss the use of different algorithms in DNSSEC. I'd appreciate it if the discussion can be kept to the DNS / DNSSEC parts of the document (using the algorithms for DNSKEY, RRSIG, and DS resource records), and not the crypto itself (CFRG / others are the place for that).
W On Tue, Feb 11, 2020 at 12:06 PM Dmitry Belyavsky <beld...@gmail.com> wrote: > > Dear DNSOP mailing list members, > > Please see the announcement of the draft describing using the > GOST 2012 hash and digital signature algorithms for DNSSec. > > The document pretends to update 2 IANA registries. > > The 1st one implies the "RFC required" status: > https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml#dns-sec-alg-numbers-1 > so there are no problems with it. > > The 2nd one, unfortunately for me, requires "Standard action" status > https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml#ds-rr-types-1 > > so it makes impossible to pass it via ISE. > > I kindly ask to review the draft to make possible assigning the IANA codes > for the algorithms. > The implementation of the draft is also available, see > https://github.com/beldmit/ldns/tree/gost2012 for details. > > Many thanks! > > ---------- Forwarded message --------- > From: <internet-dra...@ietf.org> > Date: Sun, Feb 9, 2020 at 1:43 PM > Subject: New Version Notification for draft-belyavskiy-rfc5933-bis-01.txt > To: Vasily Dolmatov <vdolma...@gmail.com>, Dmitry Belyavskiy > <beld...@gmail.com> > > > > A new version of I-D, draft-belyavskiy-rfc5933-bis-01.txt > has been successfully submitted by Dmitry Belyavskiy and posted to the > IETF repository. > > Name: draft-belyavskiy-rfc5933-bis > Revision: 01 > Title: Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG > Resource Records for DNSSEC > Document date: 2020-02-09 > Group: Individual Submission > Pages: 9 > URL: > https://www.ietf.org/internet-drafts/draft-belyavskiy-rfc5933-bis-01.txt > Status: https://datatracker.ietf.org/doc/draft-belyavskiy-rfc5933-bis/ > Htmlized: https://tools.ietf.org/html/draft-belyavskiy-rfc5933-bis-01 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-belyavskiy-rfc5933-bis > Diff: > https://www.ietf.org/rfcdiff?url2=draft-belyavskiy-rfc5933-bis-01 > > Abstract: > This document describes how to produce digital signatures and hash > functions using the GOST R 34.10-2012 and GOST R 34.11-2012 > algorithms for DNSKEY, RRSIG, and DS resource records, for use in the > Domain Name System Security Extensions (DNSSEC). > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > > > -- > SY, Dmitry Belyavsky > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
