The update addresses comments from the Secdir and Genart reviews. In particular:
1) The text proposed by Tony Finch concerning SHA-1 has been included verbatim into the draft. (However, the suggestion to make informative references to some web sites that discuss SHA-1 collisions was not taken up - standards documents can be relevant for many years whereas web sites can be more more transient.) 2) There was some very minor tinkering with the wording concerning the example naming scheme for keys to try and make it easier to parse. Stephen > On 20 Feb 2020, at 11:36, [email protected] wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Domain Name System Operations WG of the IETF. > > Title : Secret Key Transaction Authentication for DNS (TSIG) > Authors : Francis Dupont > Stephen Morris > Paul Vixie > Donald E. Eastlake 3rd > Olafur Gudmundsson > Brian Wellington > Filename : draft-ietf-dnsop-rfc2845bis-07.txt > Pages : 27 > Date : 2020-02-20 > > Abstract: > This document describes a protocol for transaction level > authentication using shared secrets and one way hashing. It can be > used to authenticate dynamic updates as coming from an approved > client, or to authenticate responses as coming from an approved name > server. > > No recommendation is made here for distributing the shared secrets: > it is expected that a network administrator will statically configure > name servers and clients using some out of band mechanism. > > This document obsoletes RFC2845 and RFC4635. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc2845bis/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-dnsop-rfc2845bis-07 > https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-rfc2845bis-07 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-rfc2845bis-07 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > DNSOP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
