Hello Wes

RSASHA1 and NSEC3RSASHA1 are different from GOST in that they were
widely deployed. Would inclusion of a timetable be suitable for this
draft? (This may not be possible, but I suggest it if possible.)

E.g., if T is the publication date of this draft's RFC:

* At T, RSASHA1 and NSEC3RSASHA1 are deprecated and SHOULD NOT be used
  to sign zones.

* At T + 12 months, implementations can turn off support for signing
  using these algorithms.

* At T + 18 months, implementations can turn off support for validation
  of RRSIGs with these algorithms.

With a timetable presented to operators and implementors, there are
planned step-by-step deadlines. If the current draft's language of
continuing to support RSA+SHA-1 validation is carried, there would have
to be some other instruction to drop support fully at a later date.

Second, it may be worthwhile explicitly listing out what to do in each
of the SHA-1 uses for clarity.

1. How the draft affects RRSIGs with RRSIG.algorithm == RSASHA1 or
   RRSIG.algorithm == NSEC3RSASHA1 (drop support)

2. How the draft affects RRSIGs with RRSIG.algorithm == RSASHA1 or
   RRSIG.algorithm == NSEC3RSASHA1 covering a DS type. Same as 1?

3. How the draft affects DS with DS.algorithm == RSASHA1 or DS.algorithm
   == NSEC3RSASHA1.

4. How the draft affects DS with DS.digest-type == SHA-1.

   <https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml>
   cites this draft; this draft does not explicitly mention this item in
   section 2 for implementors/operators, but instructs IANA in section 5
   for it. The digest-type == SHA-1 case is slightly different from the
   RSA + SHA-1 case as it's purely a digest (e.g., some distributions
   that dropped support for RSA + SHA-1 still support SHA-1 digest
   computation). Section 2 should mention that DS.digest-type == SHA-1
   must no longer be allowed.

5. How this draft affects SHA-1 usage in NSEC3 and TSIG's hmac-sha1
   usage -- mention these are unaffected.

                Mukund
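The proposed timetable and the five cases above, written out as a policy check over DS and RRSIG records in presentation format. This is an added example, not code from the message or from any draft; the value of T and the sample records are placeholders, and treating DS-covering RRSIGs (item 2) and DS.algorithm (item 3) like item 1 is an assumption.

```python
from datetime import date

# Added example, not code from the message or any draft. It encodes the staged
# timetable and the five cases listed above as a check over DS/RRSIG records
# in presentation format. T (the RFC publication date) is a placeholder.
T = date(2025, 1, 1)

RSASHA1, NSEC3RSASHA1 = 5, 7   # IANA DNSSEC algorithm numbers
DS_DIGEST_SHA1 = 1             # IANA DS digest type for SHA-1
SHA1_ALGS = {RSASHA1, NSEC3RSASHA1}

def months_since_t(today: date) -> int:
    return (today.year - T.year) * 12 + (today.month - T.month)

def signing_policy(alg: int, today: date) -> str:
    """Signer side: 'allowed', 'deprecated' (SHOULD NOT, from T) or 'disabled' (from T+12)."""
    if alg not in SHA1_ALGS:
        return "allowed"
    return "disabled" if months_since_t(today) >= 12 else "deprecated"

def validation_policy(rr: str, today: date) -> str:
    """Validator side for one record: 'accept', 'accept-deprecated' (until T+18) or 'reject'."""
    f = rr.split()                      # owner ttl class type rdata...
    if f[3] == "RRSIG":
        alg = int(f[5])                 # RDATA: type-covered algorithm labels ...
        if alg not in SHA1_ALGS:
            return "accept"
        # Items 1 and 2: an RRSIG covering DS is treated like any other (assumption).
        return "reject" if months_since_t(today) >= 18 else "accept-deprecated"
    if f[3] == "DS":
        alg, digest_type = int(f[5]), int(f[6])   # RDATA: keytag algorithm digest-type digest
        if digest_type == DS_DIGEST_SHA1:
            return "reject"             # item 4: SHA-1 digest type no longer allowed
        if alg in SHA1_ALGS:            # item 3: assumed to follow the RRSIG timetable
            return "reject" if months_since_t(today) >= 18 else "accept-deprecated"
        return "accept"
    return "accept"                     # item 5: NSEC3 and TSIG hmac-sha1 are unaffected

# Constructed sample records; digests and signatures are placeholder bytes.
SAMPLES = [
    "example. 3600 IN DS 12345 7 1 0123456789abcdef0123456789abcdef01234567",
    "example. 3600 IN DS 12345 8 2 " + "ab" * 32,
    "example. 3600 IN RRSIG A 5 1 3600 20250201000000 20250101000000 12345 example. c2lnCg==",
    "example. 3600 IN RRSIG DS 13 1 3600 20250201000000 20250101000000 12345 example. c2lnCg==",
]

def audit(records, today: date) -> list:
    return [validation_policy(rr, today) for rr in records]
```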

_______________________________________________
DNSOP mailing list -- [email protected]