Dear Stephane, On Fri, Nov 12, 2021 at 2:46 PM Stephane Bortzmeyer <[email protected]> wrote:
> On Fri, Nov 12, 2021 at 01:59:52PM +0100, > Dmitry Belyavsky <[email protected]> wrote > a message of 153 lines which said: > > > New version of the draft is uploaded. > > I would like to have to additions, if you have time: > > * a section summarizing the changes since RFC 5933. It seems it is > just GOST R 34.10-2001 replaced by GOST R 34.10-2012? > Yes, I will add the corresponding part if it is missing. Both signature and hash are replaced. > * an implementation status section (see RFC 7942) listing the > resolvers that can validate with GOST R 34.10 (Unbound, and BIND, it > seems) but also a few domain names signed with it (I knew caint.su but > it apparently disappeared). > It's a more complicated question. We had to write this document because the former hash and signature algorithms are deprecated both in Russia and by IETF. Then we have a chicken-and-egg problem: we can't sign domains without codepoints for hash and signature algorithms, we can't get the codepoints without RFC. I have an implementation in my private fork of LDNS, BTW. -- SY, Dmitry Belyavsky
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
