
Re: I-D ACTION:draft-ietf-dnsext-ds-sha256-02.txt



>>>>> On Tue, 27 Dec 2005 09:47:15 -0500, David Blacka <davidb@verisignlabs.com> said:

David> Ok, let me step back a little.  Part of what I'm arguing is
David> that the paragraph, as currently constructed just isn't using
David> MUST in an appropriate way.  Statements like "client MUST have
David> feature X, SHOULD use feature X, but MAY choose not to"

That's not what it says, actually...

What it says is "clients lacking a choice MUST prefer SHA-256.
clients with a choice SHOULD make it the default to prefer SHA-256."

However....

David> So, to conclude, I suggest that your paragraph just boil down to:

David> <t>Validator implementations SHOULD ignore DS RRs containing SHA-1  
David> digests if DS RRs with SHA-256 digests are present in the DS RRset.</t>

There are at least enough people in this discussion that are in
agreement with you that I will likely change the wording...  What
needs to be done, however, is to go back in the archives to review
what people in the previous conversations (that led to the current
text) had to say to see if everyone is (mostly) in agreement or
whether there is now a split between the old and new conversations.

-- 
Wes Hardaker
Sparta, Inc.

--
archive: <http://ops.ietf.org/lists/namedroppers/>
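
The rule suggested in the quoted text above (ignore SHA-1 DS RRs when SHA-256 DS RRs are present in the DS RRset), sketched as an added example that is not part of the original message or of the draft. It assumes DS digest type 1 is SHA-1 and type 2 is SHA-256, and that the digest covers the canonical owner name followed by the DNSKEY RDATA; the dict layout, function names and sample key bytes are constructed for illustration, and key tag and algorithm matching are omitted.

```python
import hashlib
import hmac

SHA1, SHA256 = 1, 2  # DS digest type numbers (assumed: 1 = SHA-1, 2 = SHA-256)
HASHES = {SHA1: hashlib.sha1, SHA256: hashlib.sha256}

# Constructed DNSKEY RDATA: flags 257, protocol 3, algorithm 5, dummy key bytes.
SAMPLE_DNSKEY = bytes([0x01, 0x01, 0x03, 0x05]) + bytes(range(32))


def name_to_wire(name):
    """Canonical (lowercased) wire form of an owner name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def ds_digest(owner, dnskey_rdata, digest_type):
    """digest = hash(canonical owner name | DNSKEY RDATA)."""
    return HASHES[digest_type](name_to_wire(owner) + dnskey_rdata).digest()


def usable_ds(ds_rrset):
    """Drop SHA-1 DS RRs whenever the RRset also carries a SHA-256 DS RR."""
    known = [ds for ds in ds_rrset if ds["digest_type"] in HASHES]
    if any(ds["digest_type"] == SHA256 for ds in known):
        return [ds for ds in known if ds["digest_type"] != SHA1]
    return known


def dnskey_matches(owner, dnskey_rdata, ds_rrset):
    """True if any DS RR that survives the preference rule matches the key."""
    return any(
        hmac.compare_digest(ds["digest"],
                            ds_digest(owner, dnskey_rdata, ds["digest_type"]))
        for ds in usable_ds(ds_rrset)
    )


if __name__ == "__main__":
    sha1_ok = {"digest_type": SHA1,
               "digest": ds_digest("example.", SAMPLE_DNSKEY, SHA1)}
    sha256_bad = {"digest_type": SHA256, "digest": b"\x00" * 32}
    # SHA-1 alone is accepted; once a SHA-256 DS is present, the matching
    # SHA-1 DS is ignored and cannot rescue a failed SHA-256 comparison.
    print(dnskey_matches("example.", SAMPLE_DNSKEY, [sha1_ok]))
    print(dnskey_matches("example.", SAMPLE_DNSKEY, [sha1_ok, sha256_bad]))
```
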