Paul,
On 8/10/22 11:09, Paul Wouters wrote:
On Aug 10, 2022, at 10:30, Robert Moskowitz <rgm-...@htt-consult.com>
wrote:
I will fix my example. Do you think I should have both examples:
with and without gateway?
No. First because you are not tunneling and it doesn’t apply to you
and second because it can only be set for IPSECKEY records in the
reverse zones, not in any forward zones.
Current IANA registry is:
0 No key is present [RFC4025]
1 A DSA key is present, in the format defined in [RFC2536] [RFC4025]
2 A RSA key is present, in the format defined in [RFC3110] [RFC4025]
3 An ECDSA key is present, in the format defined in [RFC6605] [RFC8005]
Per Paul's request I am coming up that for EdDSA I would ask the
following be added:
4 An EdDSA Public key is present, in the format defined in [RFC8080] [This]
Note the addition of "Public"
* So should 1 - 3 also have "Public" added?
* Should 4 NOT have "Public"?
* Should text be added describing this registry to be for "Public"
keys?
I think it should have public and an errata could be filed for 1-3?
Or we can draft a separate draft for encoding algo 14 (digital
signatures) that also fixes up these entries?
Or this draft could fix them? Maybe the chairs or AD could give
guidance here 😀
I think I could have the IANA Considerations have a fix for 1 - 3 as
well as add 4.
I will work something up and share it here.
Thanks Bob!
Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec