On Tue, Jan 17, 2023 at 01:56:04PM +0100, Otto Moerbeek wrote:
> Hi,
>
> I was wondering about RFC9276 which says: "SHOULD NOT use salt", while
> RFC5155 section 7.1. says:
>
> "If a hash collision is detected, then a new salt has to be chosen,
> and the signing process restarted."
>
> Now I know it is *very* unlikely to see a collision when signing a
> zone, but is this perhaps the reason why the iterations count MUST be
> 0, while a salt SHOULD NOT be used, so that a salt remains legal to
> use?
>
> If so, it would be nice to mention that reason, maybe in an errata (if
> extra explanation is allowed to be added in an errata).
>
> Are there maybe other considerations why one is a MUST and the other a
> SHOULD NOT?
The use or not of a salt is a considerations taken from the point of
view of the signer. It has nearly zero implications regarding the main
concern of the document. But you do have a very good point, even
though very unlikely, on the mitigation venue of a possible hash
collision.
> Thanks,
>
> -Otto
Fred
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop