In your letter dated Tue, 11 Nov 2025 19:21:17 +0000 you wrote:

> And, if there are two DS records for the same key, one with each of the old
> and new hash code points, then an older validator would use the old hash
> format, and behave exactly as it does now. Meaning, if the validator has no
> PRIVATE* support, it would fail to recognize the DNSKEY algorithm 253
> or 254, so that delegation would also be treated as insecure.
>
> The only tricky case is a validator that knows about PRIVATE* but
> doesn't know the new hash code points.
I don't think this solves the problem that this draft tries to solve (unless the draft adds some extra text).

If a validator that implements this draft encounters a DS RRset that uses both SHA-256 and SHA-256-PRIVATE, and it does not support the algorithm used in the DS records with SHA-256-PRIVATE, then it will continue trying to validate using the DS record that uses SHA-256. And we are back to square one.

So the draft would have to say that any validator that supports SHA-256-PRIVATE has to treat DS records that use SHA-256 and algorithm PRIVATE* as insecure. Possible, but is that going to make anybody happy?

_______________________________________________
DNSOP mailing list -- [email protected]
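A small model of the validator decision discussed in the two messages above, added here as an illustration; it is not code from either poster, from the draft under discussion, or from any resolver. It encodes the DS selection rule of RFC 4035 section 5.2 and RFC 6840 section 5.2 (no usable DS: treat the delegation as insecure; a usable DS that cannot be validated: bogus) and runs the mixed DS RRset from the thread through several validator profiles. Assumptions, not facts from the page: the SHA-256-PRIVATE digest type code point (200) and the private algorithm name `alg.example.`, the assumption that a validator which understands the new digest type can tell whether it supports the specific private algorithm a DS refers to (the page does not say how the draft achieves this), and the `new_rule` switch, which stands in for the extra text the reply says the draft would need (ignore SHA-256 DS records for PRIVATE* algorithms).

```python
"""Model of DS selection by a DNSSEC validator (RFC 4035 s5.2 / RFC 6840 s5.2).

Constructed example for the DNSOP thread; not from the draft or a real resolver.
DIGEST_SHA256_PRIVATE (200) and "alg.example." are assumed values for illustration.
"""
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Optional

# Real IANA code points: DS digest type 2 = SHA-256; DNSKEY algorithms
# 253 = PRIVATEDNS, 254 = PRIVATEOID. Code point 200 is an ASSUMPTION.
DIGEST_SHA256 = 2
DIGEST_SHA256_PRIVATE = 200
ALG_RSASHA256 = 8
ALG_ECDSAP256SHA256 = 13
ALG_PRIVATEDNS = 253
ALG_PRIVATEOID = 254
PRIVATE_ALGS = frozenset({ALG_PRIVATEDNS, ALG_PRIVATEOID})


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int                       # DNSKEY algorithm number in the DS RDATA
    digest_type: int
    private_name: Optional[str] = None   # algorithm name inside the DNSKEY for 253/254


@dataclass(frozen=True)
class Validator:
    name: str
    digest_types: FrozenSet[int]
    algorithms: FrozenSet[int]                    # DNSKEY algorithm numbers implemented
    private_names: FrozenSet[str] = frozenset()   # private algorithms it can really verify
    new_rule: bool = False  # extra text proposed in the reply: ignore SHA-256 DS for PRIVATE*


def can_verify_key(v: Validator, ds: DS) -> bool:
    """Could v verify signatures made with the key this DS refers to?"""
    if ds.algorithm not in v.algorithms:
        return False
    if ds.algorithm in PRIVATE_ALGS:
        # For 253/254 the real algorithm is named inside the DNSKEY, not in the DS.
        return ds.private_name in v.private_names
    return True


def usable(v: Validator, ds: DS) -> bool:
    """RFC 4035 s5.2: a DS is usable when its digest type and algorithm are supported.

    Assumption for the new digest type: a validator that understands
    SHA-256-PRIVATE can tell whether it supports the specific private algorithm,
    so an unknown private algorithm makes that DS unusable (and the delegation
    insecure if nothing else is usable).
    """
    if ds.digest_type not in v.digest_types or ds.algorithm not in v.algorithms:
        return False
    if ds.digest_type == DIGEST_SHA256_PRIVATE:
        return can_verify_key(v, ds)
    if v.new_rule and ds.algorithm in PRIVATE_ALGS and ds.digest_type == DIGEST_SHA256:
        return False  # proposed extra rule: the legacy DS must not count as supported
    return True


def classify(v: Validator, ds_rrset: Iterable[DS]) -> str:
    """Return 'insecure', 'secure' or 'bogus' for a delegation with this DS RRset."""
    supported = [ds for ds in ds_rrset if usable(v, ds)]
    if not supported:
        return "insecure"  # no supported authentication path (RFC 4035 s5.2)
    if any(can_verify_key(v, ds) for ds in supported):
        return "secure"
    return "bogus"  # a supported DS existed but nothing validated through it (RFC 6840 s5.2)


# Constructed DS RRset from the thread: one key, one DS per digest type.
MIXED_DS = (
    DS(12345, ALG_PRIVATEDNS, DIGEST_SHA256, "alg.example."),
    DS(12345, ALG_PRIVATEDNS, DIGEST_SHA256_PRIVATE, "alg.example."),
)

LEGACY_ALGS = frozenset({ALG_RSASHA256, ALG_ECDSAP256SHA256})
PRIVATE_AWARE_ALGS = LEGACY_ALGS | PRIVATE_ALGS
OLD_DIGESTS = frozenset({DIGEST_SHA256})
NEW_DIGESTS = frozenset({DIGEST_SHA256, DIGEST_SHA256_PRIVATE})

PROFILES = (
    Validator("legacy, no PRIVATE*", OLD_DIGESTS, LEGACY_ALGS),
    Validator("legacy, PRIVATE* but old digest only", OLD_DIGESTS, PRIVATE_AWARE_ALGS),
    Validator("draft-aware, unknown private alg", NEW_DIGESTS, PRIVATE_AWARE_ALGS),
    Validator("draft-aware, extra rule", NEW_DIGESTS, PRIVATE_AWARE_ALGS, new_rule=True),
    Validator("draft-aware, knows alg.example.", NEW_DIGESTS, PRIVATE_AWARE_ALGS,
              frozenset({"alg.example."})),
)


def run_all() -> dict:
    """Outcome of the mixed DS RRset for every validator profile."""
    return {v.name: classify(v, MIXED_DS) for v in PROFILES}


if __name__ == "__main__":
    for name, outcome in run_all().items():
        print(f"{name:45s} -> {outcome}")
```

The third profile is the reply's "back to square one": the validator understands the new digest type, rejects the SHA-256-PRIVATE DS because it does not know `alg.example.`, but still counts the plain SHA-256 DS for algorithm 253 as a supported path and ends bogus instead of insecure. Only the fourth profile, with the extra rule the reply says the draft would need, reaches insecure.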
