Hi, I apologize for the late answer, but here are my comments regarding the draft.
I believe the security considerations section needs to mention the interoperability issue if a hash algorithm is not widely supported by the resolvers. This, in my view, can potentially affect the DNS system, and I believe some text should try to limit non standard algorithms to very specific deployment - including experimentation. I believe that for experimentation the draft is helpful. Outside experimentation, especially for national algorithms, this will lead to nations having their algorithms qualified as standard while other nations having their algorithms qualified as non standard. I would like to understand why this cannot be a problem. For additional transparency, the document needs, in my opinion, additional clarifications. This includes guidelines or criteria for algorithms to qualify as standard as well as the relation with rfc8624 that makes DNSSEC interoperable in terms of cryptography. More specifically it should clarify that standard algorithms may or may not be recommended as well as whether non standard algorithms may or may not be recommended. Yours, Daniel On Tue, Aug 24, 2021 at 3:07 AM Tim Wicinski <tjw.i...@gmail.com> wrote: > All > > The Working Group Last Call for draft-ietf-dnsop-dnssec-iana-cons ended > last week, and we've filtered through the comments both pro and con. > > We feel there is rough consensus to move this forward. > > thanks > > Benno/Suzanne/Tim > > > On Wed, Aug 4, 2021 at 11:29 AM Tim Wicinski <tjw.i...@gmail.com> wrote: > >> >> All >> >> This starts a Working Group Last Call for >> draft-ietf-dnsop-dnssec-iana-cons >> >> Current versions of the draft is available here: >> https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-iana-cons/ >> >> The Current Intended Status of this document is: Standards Track >> >> Please review the draft and offer relevant comments. >> If this does not seem appropriate please speak out. >> If someone feels the document is *not* ready for publication, please >> speak out with your reasons. >> >> This starts a two week Working Group Last Call process, and ends on: 18 >> August 2021 >> >> thanks >> tim >> > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > -- Daniel Migault Ericsson
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
