--- 1/draft-ietf-dnsext-dnssec-rsasha256-08.txt 2008-12-04 23:12:03.000000000 +0100 +++ 2/draft-ietf-dnsext-dnssec-rsasha256-09.txt 2008-12-04 23:12:03.000000000 +0100 @@ -1,19 +1,19 @@ DNS Extensions working group J. Jansen Internet-Draft NLnet Labs Intended status: Standards Track December 04, 2008 Expires: June 7, 2009 Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC - draft-ietf-dnsext-dnssec-rsasha256-08 + draft-ietf-dnsext-dnssec-rsasha256-09 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that @@ -197,29 +197,24 @@ 5. Implementation Considerations 5.1. Support for SHA-2 signatures DNSSEC aware implementations SHOULD be able to support RRSIG resource records with the RSA/SHA-2 algorithms. 6. IANA Considerations - Note to the RFC editor: please remove this paragraph during final - editing, and request IANA to update the {TBA} designators. - - IANA has assigned DNS Security Algorithm Numbers {TBA1} for RSA/ - SHA-256 with NSEC, {TBA2} for RSA/SHA-256 with NSEC3, {TBA3} for RSA/ - SHA-512 with NSEC, and {TBA4} for RSA/SHA-512 with NSEC3. - - The algorithm list from RFC 4034 Appendix A.1 [RFC4034] is extended - with the following entries: + This document updates the IANA registry "DNS SECURITY ALGORITHM + NUMBERS -- per [RFC4035]" + (http://www.iana.org/assignments/dns-sec-alg-numbers). The following + entries are added to the registry: Zone Value Algorithm Mnemonic Signing References {TBA1} RSA/SHA-256 RSASHA256 y {this memo} {TBA2} RSA/SHA-256-NSEC3 RSASHA256NSEC3 y {this memo} {TBA3} RSA/SHA-512 RSASHA512 y {this memo} {TBA4} RSA/SHA-512-NSEC3 RSASHA512NSEC3 y {this memo} 7. Security Considerations