On Mon, 15 Aug 2022, Tony Finch wrote:
o 2019: IETF partially deprecates SHA-1 for use in DNSSEC [RFC8624]
"s/partially/for new stuff/"
o 2020: Chosen-prefix collision demonstrated in SHA-1 [SHA-mbles]
Yes, this is where we disagree about whether this can be abused in DNSSEC. You and Viktor believe it can. I do not (yet). Paul _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
