Just a clarification. In contrast to RFC 5933, this document does NOT pretend to make the described algorithms IANA-recommended.
On Wed, Feb 12, 2020 at 12:14 AM Warren Kumari <war...@kumari.net> wrote: > Dear DNSOP, > > I asked Dmitry to please bring this document to DNSOP for discussion; > DNSOP is where we generally discuss the use of different algorithms in > DNSSEC. > I'd appreciate it if the discussion can be kept to the DNS / DNSSEC > parts of the document (using the algorithms for DNSKEY, RRSIG, and DS > resource records), and not the crypto itself (CFRG / others are the > place for that). > > W > > On Tue, Feb 11, 2020 at 12:06 PM Dmitry Belyavsky <beld...@gmail.com> > wrote: > > > > Dear DNSOP mailing list members, > > > > Please see the announcement of the draft describing using the > > GOST 2012 hash and digital signature algorithms for DNSSec. > > > > The document pretends to update 2 IANA registries. > > > > The 1st one implies the "RFC required" status: > > > https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml#dns-sec-alg-numbers-1 > > so there are no problems with it. > > > > The 2nd one, unfortunately for me, requires "Standard action" status > > > https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml#ds-rr-types-1 > > > > so it makes impossible to pass it via ISE. > > > > I kindly ask to review the draft to make possible assigning the IANA > codes for the algorithms. > > The implementation of the draft is also available, see > https://github.com/beldmit/ldns/tree/gost2012 for details. > > > > Many thanks! > > > > ---------- Forwarded message --------- > > From: <internet-dra...@ietf.org> > > Date: Sun, Feb 9, 2020 at 1:43 PM > > Subject: New Version Notification for draft-belyavskiy-rfc5933-bis-01.txt > > To: Vasily Dolmatov <vdolma...@gmail.com>, Dmitry Belyavskiy < > beld...@gmail.com> > > > > > > > > A new version of I-D, draft-belyavskiy-rfc5933-bis-01.txt > > has been successfully submitted by Dmitry Belyavskiy and posted to the > > IETF repository. > > > > Name: draft-belyavskiy-rfc5933-bis > > Revision: 01 > > Title: Use of GOST 2012 Signature Algorithms in DNSKEY and > RRSIG Resource Records for DNSSEC > > Document date: 2020-02-09 > > Group: Individual Submission > > Pages: 9 > > URL: > https://www.ietf.org/internet-drafts/draft-belyavskiy-rfc5933-bis-01.txt > > Status: > https://datatracker.ietf.org/doc/draft-belyavskiy-rfc5933-bis/ > > Htmlized: > https://tools.ietf.org/html/draft-belyavskiy-rfc5933-bis-01 > > Htmlized: > https://datatracker.ietf.org/doc/html/draft-belyavskiy-rfc5933-bis > > Diff: > https://www.ietf.org/rfcdiff?url2=draft-belyavskiy-rfc5933-bis-01 > > > > Abstract: > > This document describes how to produce digital signatures and hash > > functions using the GOST R 34.10-2012 and GOST R 34.11-2012 > > algorithms for DNSKEY, RRSIG, and DS resource records, for use in the > > Domain Name System Security Extensions (DNSSEC). > > > > > > > > > > Please note that it may take a couple of minutes from the time of > submission > > until the htmlized version and diff are available at tools.ietf.org. > > > > The IETF Secretariat > > > > > > > > -- > > SY, Dmitry Belyavsky > > _______________________________________________ > > DNSOP mailing list > > DNSOP@ietf.org > > https://www.ietf.org/mailman/listinfo/dnsop > > > > -- > I don't think the execution is relevant when it was obviously a bad > idea in the first place. > This is like putting rabid weasels in your pants, and later expressing > regret at having chosen those particular rabid weasels and that pair > of pants. > ---maf > -- SY, Dmitry Belyavsky
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop