On Wed, Jun 17, 2020, at 04:49, Dmitry Belyavsky wrote:

> I don't think there are good or bad time periods to adopt nation-wide
> crypto profiles. For me, the difference between the GOST profile and
> hypothetical Korean or German profile is close to zero, and if anybody
> brings such a profile for standardization, I'd like to support it.
I agree with Olafur on this. The reason we standardize is so that we can have a single - ideally very small - set of algorithms that are widely implemented. Because you want every one of those algorithms in every implementation. In a system like the DNS, you can't really limit the people who might need to consume your signature, so the set of acceptable signing algorithms needs to be small. Ideally you have just two: one that is established, and one that is new; or one using one technique and a backup using a different technique.

TLS has mostly gotten this part right. We're much closer to the point of having just two in TLS 1.3. There are a few algorithms that exist to address narrow application domains (IoT, *cough*), but at least you can make a case for TLS deployments in a closed environment. For that case, TLS allows for codepoint allocation, but avoids an IETF recommendation for those algorithms.

I don't think that DNS needs that same capability; deciding based on whether algorithms are good for the global system is the only relevant criterion. If we all agree that GOST is superior to RSA (it probably is) and EdDSA (I doubt it, but I don't have an opinion), then adoption to replace an existing algorithm would be fine. That didn't happen last time, so that suggests it would be better for RFC 5933 to be deprecated entirely.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop