> On 4 Jan 2021, at 15:27, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> 
> On 04/01/2021 14:23, Paul Wouters wrote:
>> On Mon, 4 Jan 2021, Stephen Farrell wrote:
>>> WRT GOST, we're not really talking about an algorithm but
>>> rather a national crypto standards scheme that selects sets
>>> of algorithms. For such things, whether from Russia or the
>>> US or anywhere, I think it's quite fair to ask "how has
>>> version N deployment gone?"
>> Why is that fair? 
> 
> Eh? Seems to me that asking about the facts is fair.

It’s a bit odd to be asking about fairness now. [Better late than never I 
suppose.] IIRC nobody asked about usage when typecodes got issued for DNSSEC 
algorithms - until now. It was just assumed, perhaps wrongly, they would be 
used.

However I think you’re conflating two different things Stephen. This I-D is a 
sensible and pragmatic solution to a real problem. Mandating a standards-track 
RFC to get a new DNSSEC type code is unreasonable. [Dare I say unfair? :-)] So 
let’s fix that.

The question of whether a new DNSSEC crypto algorithm will get used/supported 
or not can be discussed as and when there’s an I-D proposing to adopt one. And 
of course there’s a meta-discussion to be had about how/where that discussion 
takes place. IMO some sort of lightweight expert review process like the one 
used for RR typecode allocation seems appropriate. It doesn’t necessarily 
follow that writing up such an (Informational?) RFC guarantees an IANA type 
code allocation. YMMV.

BTW, does anyone ask usage questions before typecodes get allocated for 
algorithms/modes used in TLS crypto?

I support WG adoption of draft-hoffman-dnssec-iana-cons and am willing to review 
it. Maybe there needs to be another I-D to document the process for adding and 
deprecating DNSSEC type codes?
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
