On Feb 25, 2021, at 11:06, Ben Schwartz <[email protected]> wrote:

> That's not especially the intent. Currently, if you sign with two
> algorithms, and either of those algorithms becomes insecure*, your zone
> becomes susceptible to forgery.

Which is why we have RFC 8624 and its successors. It really should prevent you from using “insecure” or weak algorithms. The [*] doesn’t really help you. If sha2 is broken and we don’t know it, you wouldn’t know to not use it as “secure”.

> If you mark both algorithms as Strict, then your zone remains secure (for
> validators who implement both algorithms and this draft).

That cannot be true, unless your draft requires validators to validate with all algorithms for a double signed zone (also, double signed zones are rare and really only transition during a migration).

I’m with Paul H here, I don’t see a use case. As I think Petr said, we need to make the software do algorithm rollovers easier so people don’t avoid migration.

Paul

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
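The two validation rules being argued about above, as an added illustration that is not part of the thread and not the draft's own text or code: a toy model of a double-signed RRset checked under "any one supported signature validates" (the behaviour Ben's first sentence refers to) versus an assumed reading of a "Strict" marking in which every strict algorithm must be implemented by the validator and must verify. Signature algorithms are stood in for by keyed HMACs, an algorithm "break" is modelled as the attacker recovering that algorithm's key, and all names, keys and records are constructed for the example.

```python
import hashlib
import hmac

# Constructed stand-ins for two DNSSEC signature algorithms: a keyed HMAC over
# a different hash plays the role of each algorithm, and the zone's per-algorithm
# key stands in for its DNSKEY/private key. An algorithm "break" is modelled as
# the attacker recovering that key (a hypothetical, purely for illustration).
ALGORITHMS = {"alg-A": hashlib.sha256, "alg-B": hashlib.sha512}


def sign(alg, key, rrset):
    """Toy RRSIG: HMAC of the canonical RRset text under the zone key for alg."""
    return hmac.new(key, rrset.encode(), ALGORITHMS[alg]).hexdigest()


def verify(alg, key, rrset, sig):
    return hmac.compare_digest(sign(alg, key, rrset), sig)


def sign_rrset(zone_keys, rrset):
    """Double-signed zone: one RRSIG per algorithm in the apex DNSKEY set."""
    return {alg: sign(alg, key, rrset) for alg, key in zone_keys.items()}


def validate_any(zone_keys, rrset, rrsigs, supported):
    """Rule as described in the thread: the RRset is secure if at least one
    RRSIG under an algorithm this validator supports verifies."""
    return any(
        alg in rrsigs and verify(alg, zone_keys[alg], rrset, rrsigs[alg])
        for alg in supported
        if alg in zone_keys
    )


def validate_strict(zone_keys, rrset, rrsigs, supported, strict):
    """Assumed reading of a 'Strict' marking (not the draft's exact semantics):
    every algorithm marked strict must be implemented by this validator and
    its RRSIG must verify; a missing or failing strict signature is bogus.
    With no strict algorithms, fall back to the any-one rule."""
    for alg in strict:
        if alg not in supported or alg not in rrsigs:
            return False
        if not verify(alg, zone_keys[alg], rrset, rrsigs[alg]):
            return False
    if strict:
        return True
    return validate_any(zone_keys, rrset, rrsigs, supported)


def scenario():
    """Zone signed with alg-A and alg-B; the attacker has broken alg-B only."""
    zone_keys = {"alg-A": b"constructed-key-A", "alg-B": b"constructed-key-B"}
    legit = "www.example. IN A 192.0.2.1"
    forged = "www.example. IN A 198.51.100.99"
    # The forgery carries a valid alg-B RRSIG (broken algorithm) and a junk
    # alg-A RRSIG, since the attacker cannot forge alg-A.
    forged_sigs = {
        "alg-A": "0" * 64,
        "alg-B": sign("alg-B", zone_keys["alg-B"], forged),
    }
    legit_sigs = sign_rrset(zone_keys, legit)
    both = {"alg-A", "alg-B"}
    return {
        # Validator implementing both algorithms, any-one rule.
        "legit_any": validate_any(zone_keys, legit, legit_sigs, both),
        "forged_any": validate_any(zone_keys, forged, forged_sigs, both),
        # Same validator, both algorithms marked strict.
        "legit_strict": validate_strict(zone_keys, legit, legit_sigs, both, both),
        "forged_strict": validate_strict(zone_keys, forged, forged_sigs, both, both),
        # Validator implementing only alg-A: the forgery fails under the
        # any-one rule, but the legitimate zone also fails under strict,
        # which is the deployment cost of requiring all algorithms.
        "forged_any_A_only": validate_any(zone_keys, forged, forged_sigs, {"alg-A"}),
        "legit_strict_A_only": validate_strict(zone_keys, legit, legit_sigs, {"alg-A"}, both),
    }


if __name__ == "__main__":
    for name, result in scenario().items():
        print(f"{name}: {'secure' if result else 'bogus'}")
```

The model makes the point in the reply concrete: marking both algorithms strict only keeps the forgery out if validators check every strict signature rather than stopping at the first one that verifies, and a validator that lacks one of the strict algorithms then rejects the legitimate zone as well.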
