On 6/17/20 8:30 AM, Mats Dufberg wrote: >> I wonder if there is a way to extend >> https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml >> >> to add signing/validation recommendations. This seems "hard" from >> the world of IANA, but I'm not an expert. > > What strikes me is that IANA has no reference to RFC 8624 and that > IANA still seems to consider SHA-1 and GOST to be algorithms to be used.
According to that last RFC, GOST in particular MAY be supported in validators, but there are others. Maybe the "Zone Signing" column in the registry is not meant to represent whether an algorithm has been obsoleted but just the purpose? Or did "we forget" to add IANA section into that RFC? (I'm no good around these process-related knowledge.) In any case, it would be nice from my perspective if the table could contain... basically the table from the RFC. --Vladimir
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
