Yoav Nir via Datatracker <noreply@xxxxxxxx> writes:
> In the introduction, we have "DNSSEC [RFC9364] originally made extensive use of
> SHA-1 as a cryptographic verification algorithm ... Since then, multiple other
> signing algorithms with stronger cryptographic strength are now widely
> available..."
>
> RFC 9364 is from 2023. The algorithms in question (like SHA-256) did not pop up
> "since then". The extensive use of SHA-1 has been since RFC 3110 from 2001. I
> believe that should be the referenced document.
That's a good point. I changed it to double-reference:
DNSSEC [RFC9364] originally [RFC3110]...
> The other issue is with the security considerations section. It says, "This
> document reduces the risk that a zone cannot be validated due to lack of SHA-1
> support in a validator". To me, that's an operational consideration - don't
> use this because many validations don't support it. The security consideration
> should be that RSA signatures with the SHA-1 has are no longer considered
> secure (already stated in the introduction), and that is why validators are
> dropping it and why you implementer should also drop it.
Also a good point. How is this as a replacement:
This document deprecates the use of RSASHA1 and RSASHA1-NSEC3-SHA1
signatures since they are no longer considered to be secure.
--
Wes Hardaker
USC/ISI
--
last-call mailing list -- last-call@xxxxxxxx
To unsubscribe send an email to last-call-leave@xxxxxxxx
