Re: [dnsext] I-D Action:draft-ietf-dnsext-dnssec-rsasha256-07.txt

[Mark Andrews <Mark_Andrews@isc.org>]

   For use with NSEC3 [RFC5155], the algorithm number for RSA/SHA-256
   will be {TBA2}.  The use of a different algorithm number to
   differentiate between the use of NSEC and NSEC3 is in keeping with
   the approach adopted in RFC5155.

	RFC5155 used different numbers because we *couldn't* use
	the same numbers.  That alone is not sufficient justification
	to have seperate numbers.

	The only reason to have different numbers is if the wg
	believes that there will be DNSSEC implementations in the
	future that will not support NSEC3.  Given that a number
	of TLD's intend to deploy NSEC3 I can't see any new
	implementation not including NSEC3 support.

	Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>