The IESG has received a request from the Domain Name System Operations WG (dnsop) to consider the following document: - 'Deprecating the use of SHA-1 in DNSSEC signature algorithms' <draft-ietf-dnsop-must-not-sha1-03.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the [email protected] mailing lists by 2025-03-06. Exceptionally, comments may be sent to [email protected] instead. In either case, please retain the beginning of the Subject line to allow automated sorting. This document is part of a cluster of 3 DNSOP WG documents and it is recommended to start with draft-ietf-dnsop-rfc8624-bis before any of the others (draft-ietf-dnsop-must-not-sha1 and draft-ietf-dnsop-must-not-ecc-gost). Abstract This document deprecates the use of the RSASHA1 and RSASHA1-NSEC3-SHA1 algorithms for the creation of DNSKEY and RRSIG records. It updates RFC4034 and RFC5155 as it deprecates the use of these algorithms. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-dnsop-must-not-sha1/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
