Hi Wes! Thanks for -05 and -06. Comments below ...
-----Original Message----- From: Wes Hardaker <[email protected]> Sent: Tuesday, May 20, 2025 6:43 PM To: Roman Danyliw via Datatracker <[email protected]> Cc: The IESG <[email protected]>; Roman Danyliw <[email protected]>; [email protected]; [email protected]; [email protected]; [email protected] Subject: Re: Roman Danyliw's Discuss on draft-ietf-dnsop-must-not-ecc-gost-04: (with DISCUSS and COMMENT) Warning: External Sender - do not click links or open attachments unless you recognize the sender and know the content is safe. Roman Danyliw via Datatracker <[email protected]> writes: [snip] > > -- The text here says, “no longer recommended”, but in Section 2 a > much strong statement of “MUST NOT” is use. Those don’t seem congruent. The no longer recommended is an explanation, but the section 2 text is the actual standards mandate. > ** Section 1. The second sentence conflicts with the text in the first. > > -- “The use of GOST 34.10-2012 and GOST 34.11-2012 in DNSSEC is > documented in [RFC9558], …” > > -- “Note that this document does not change or discuss the use of GOST > 34.10-2012 and GOST 34.11-2012.” That's describing a *different* algorithm and that we're not talking about it. GOST...2012 vs GOST...2001. It can be confusing. [Roman] We're talking about different sentences. Let me be clearer. From Section 1: (a) The use of GOST 34.10-2012 and GOST 34.11-2012 in DNSSEC is documented in [RFC9558], and so [RFC5933] has been made Historic. (b) Thus, the use of GOST R 34.10-2001 (mnemonic GOST-ECC) and GOST R 34.11-94 is no longer recommended for use in DNSSEC [RFC9364]. (c) Note that this document does not change or discuss the use of GOST 34.10-2012 and GOST 34.11-2012. [Roman] Sentence (a) and (c) are the ones I was referencing. By citing RFC9558, sentence (a) "discusses" the use of GOST 34.10-2012/GOST 34.11-2012 which sentence (c) said the text would not do. Regards, Roman _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
