Wes/Warren I made a stab at aligning section 2 of must-not-sha1 with section 2 of must-not-gost.
https://github.com/ietf-wg-dnsop/draft-ietf-dnsop-must-not-sha1/pull/11 If this is useful tim On Wed, May 21, 2025 at 9:49 AM Ondřej Surý <[email protected]> wrote: > Oh, absolutely, great idea. Consistency is great. > > Ondrej > -- > Ondřej Surý (He/Him) > > On 21. 5. 2025, at 15:47, Tim Wicinski <[email protected]> wrote: > > > > wearing no hats > > > Ondrej > > > On Wed, May 21, 2025 at 7:35 AM Ondřej Surý <[email protected]> wrote: > >> Hi Wes and Warren, >> >> while this is not crucial for the draft to progress, but since you are >> making >> changes to it, it might be worthwhile to raise this now rather than later. >> >> The Section 2 mentions DNSKEY and RRSIGs, but there's no mention of SHA-1 >> in DS until "Section 5 IANA Considerations". >> >> > Another idea is to make Section 2 of must-not-sha1 similar to Section 2 of > must-not-gost. > They are almost identical in nature except for the missing DS record in > must-not-sha1. > > I would think the consistency would be useful to the various readers, and > good examples in the future, but I can always be mistaken. > > > tim > >> >>
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
