The people arguing for adoption seem to have two major arguments:

1) we should punish zones that sign with old algorithms by making compliant resolvers treat them as insecure
2) we should make it impossible for zones to sign or re-sign with old algorithms

#1 affects resolvers, in particular the resolver's security policies. It is based on as-yet unsupported assertions of the lack of safety for SHA-1 in DNSSEC signatures or DS records.

#2 affects signing software (and maybe authoritative software?). It is based on the fact that there is a large known set of resolvers that will treat zones signed with SHA-1 (and maybe zones covered with SHA-1 DS records?) as insecure, and the fact that there are easily-chosen alternatives that do not (yet) have this problem.

The current must-not-sha1 is worded around #1. I am currently against adoption for that reason. If it was instead worded around #2, it would be easier to support.

I am still saddened by the level of interest in these documents, at the expense of other DNSSEC-related documents that are clearly more important. We could be much closer to more stable DNSSEC operations if people showed interest in those WG drafts instead of wanting to pile on more drafts, particularly those that make DNSSEC less safe for some existing users.

--Paul Hoffman

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
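The two enforcement points the message contrasts (a resolver policy that stops accepting SHA-1, versus a signer that refuses to produce SHA-1 signatures) can be made concrete. The following is an added example written for this page; it is not code from the post, from the must-not-sha1 draft, or from any IETF project. The algorithm and digest numbers are the IANA DNSSEC registry values, and the "no usable DS means the child is insecure, not bogus" rule is the one in RFC 4035 section 5.2 / RFC 6840 section 5.2. The `ResolverPolicy` objects and the sample DS sets are constructed for illustration; whether a SHA-1 DS digest should also be dropped is left as a separate knob because the post itself leaves that question open.

```python
"""Model of the two places a 'no SHA-1' rule could be enforced in DNSSEC.

Added example, not from the original post or any IETF draft. Algorithm and
digest numbers are the IANA registry values; the policy sets below are
constructed assumptions for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum
from typing import Iterable

# DNSKEY / RRSIG algorithm numbers (IANA "DNS Security Algorithm Numbers").
RSASHA1 = 5
RSASHA1_NSEC3_SHA1 = 7
RSASHA256 = 8
ECDSAP256SHA256 = 13
ED25519 = 15

# DS digest types (IANA "Delegation Signer Digest Algorithms").
DS_DIGEST_SHA1 = 1
DS_DIGEST_SHA256 = 2

# Signing algorithms whose signatures are built on SHA-1.
SHA1_SIGNING_ALGS = frozenset({RSASHA1, RSASHA1_NSEC3_SHA1})


class Outcome(Enum):
    SECURE = "secure"
    INSECURE = "insecure"  # nothing the validator can check: treated as unsigned
    BOGUS = "bogus"        # validation was attempted and failed


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int    # algorithm of the child DNSKEY this DS commits to
    digest_type: int  # hash used to compute the DS digest


@dataclass(frozen=True)
class ResolverPolicy:
    """Approach #1 lives here: what the validating resolver is willing to use."""
    supported_algorithms: frozenset[int]
    supported_digests: frozenset[int]


# Constructed policies. LEGACY still validates SHA-1; the two STRICT variants
# drop it from the supported set, which is what 'treat as insecure' amounts to.
LEGACY = ResolverPolicy(
    supported_algorithms=frozenset({RSASHA1, RSASHA1_NSEC3_SHA1, RSASHA256,
                                    ECDSAP256SHA256, ED25519}),
    supported_digests=frozenset({DS_DIGEST_SHA1, DS_DIGEST_SHA256}),
)
STRICT_ALGS_ONLY = ResolverPolicy(
    supported_algorithms=frozenset({RSASHA256, ECDSAP256SHA256, ED25519}),
    supported_digests=frozenset({DS_DIGEST_SHA1, DS_DIGEST_SHA256}),
)
STRICT_ALGS_AND_DS = ResolverPolicy(
    supported_algorithms=frozenset({RSASHA256, ECDSAP256SHA256, ED25519}),
    supported_digests=frozenset({DS_DIGEST_SHA256}),
)


def classify_delegation(ds_set: Iterable[DS], policy: ResolverPolicy,
                        signatures_verify: bool = True) -> Outcome:
    """How a validating resolver treats a delegation under a given policy.

    RFC 4035 s5.2: if no DS in the set uses both a supported algorithm and a
    supported digest type, the child zone is treated as insecure. Only when at
    least one DS is usable does validation run, yielding secure or bogus.
    `signatures_verify` stands in for the actual cryptographic check.
    """
    usable = [ds for ds in ds_set
              if ds.algorithm in policy.supported_algorithms
              and ds.digest_type in policy.supported_digests]
    if not usable:
        return Outcome.INSECURE
    return Outcome.SECURE if signatures_verify else Outcome.BOGUS


def signer_allows(algorithm: int,
                  forbidden: frozenset[int] = SHA1_SIGNING_ALGS) -> bool:
    """Approach #2 lives here: the signer refuses to sign or re-sign with
    a forbidden algorithm, leaving resolver behaviour unchanged."""
    return algorithm not in forbidden


if __name__ == "__main__":
    sha1_only = [DS(12345, RSASHA1, DS_DIGEST_SHA256)]
    dual = [DS(12345, RSASHA1, DS_DIGEST_SHA256), DS(23456, ECDSAP256SHA256, DS_DIGEST_SHA256)]
    for name, policy in (("legacy", LEGACY), ("strict", STRICT_ALGS_ONLY)):
        print(name, classify_delegation(sha1_only, policy).value,
              classify_delegation(dual, policy).value)
    print("signer accepts alg 5:", signer_allows(RSASHA1))
```

The dual-signed case is the practical takeaway: a zone that adds a second DS/DNSKEY with a non-SHA-1 algorithm stays secure under both policies, while a SHA-1-only zone silently drops to insecure the moment a resolver adopts approach #1.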