[dnssec-deployment] DNSSEC in Russia
Mark Andrews
Mark_Andrews at isc.org
Wed Apr 1 15:18:56 EDT 2009
In message <list-17542409 at execdsl.com>, Paul Hoffman writes:
> At 2:22 PM -0400 4/1/09, Edward Lewis wrote:
> >At 11:17 -0700 4/1/09, Paul Hoffman wrote:
> >
> >>I am interested in the crypto issues they mentioned. If not RSA, what did
> >>they want?
> >
> >GOST (I believe, I wasn't there but I have this...)
>
> OK, that's what I thought. We have not RFC for using GOST in DNSSEC, and we h
> ave no widely-disseminated definition of the signature or hash algorithms. I
> guess that interop is not expected here...
From what I can tell it only requires code points to be
assigned which should be relatively straight forward.
OpenSSL 0.9.9 (still under developement) has support for
both GOST R 34.10-2001 and GOST R 34.11-94 so it shouldn't
be too hard to support them.
> --Paul Hoffman, Director
> --VPN Consortium
>
> #############################################################
> This message is sent to you because you are subscribed to
> the mailing list <dnssec-deployment at shinkuro.com>.
> To unsubscribe, E-mail to: <dnssec-deployment-off at shinkuro.com>
> A public archive is available here: <http://mail.shinkuro.com:8100/Lists/dnss
> ec-deployment/>
> and older material is at
> <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the Dnssec-deployment
mailing list