Paul Wouters <p...@nohats.ca> wrote: >> On Aug 10, 2022, at 10:30, Robert Moskowitz <rgm-...@htt-consult.com> >> wrote: >> >> I will fix my example. Do you think I should have both examples: with >> and without gateway?
> No. First because you are not tunneling and it doesn’t apply to you and > second because it can only be set for IPSECKEY records in the reverse > zones, not in any forward zones. Agreed! >> Per Paul's request I am coming up that for EdDSA I would ask the >> following be added: >> >> 4 An EdDSA Public key is present, in the format defined in [RFC8080] >> [This] >> >> >> Note the addition of "Public" >> >> So should 1 - 3 also have "Public" added? Should 4 NOT have "Public" >> Should text be added describing this registry to be for "Public" keys? > I think it should have public and an errata could be filed for 1-3 ? Or > we can draft a separate draft for encoding algo 14 (digital signatures) > that also fixes up these entries ? I supposed that the word public could be added all over the Registry. I think that RFC4025 has the word in enough places that it should be obvious that a private key does not go there. So this seems like printing "This bag is not a toy" on stuff, but I don't object to this. -- Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec