From bmanning@karoshi.com  Thu Aug 29 13:04:27 2002
From: bmanning@karoshi.com (bmanning@karoshi.com)
Date: Thu, 29 Aug 2002 12:04:27 +0000 (UCT)
Subject: [vet-DS]list & key
Message-ID: <200208291204.MAA25160@vacation.karoshi.com>

Morning folks,

	For the most part, I've either bcc'd or directly emailed you regarding
the open DS workshop to be held just prior to the upcoming IETF in Atlanta.
Based on a couple of requests for a "real" list, there is now <dnssec@isi.edu>
which is being used to distribute this note.

	http://mailman.isi.edu/mailman/listinfo/dnssec

And now, a status update.

	We are still waiting for a room in Atl. CNRI is working the issue.

	The testbed is operational & visable using IPv6.
	The following zones are signed:
		
		.
		arpa.
		com.
		int.
		mil.
		net.
		nl.
		org.	

	The root key has been changed from a 512bit DSA key to
	a 4096bit RSA/MD5 key.  

	The root key can be picked up using the finger protocol:
	%finger apex@rs.net

	There is a web page (under construction)  www.rs.net

Question.  RSA/MD5 or RSA/SHA1 for the root key?

--bill

From markk@netsol.com  Thu Aug 29 16:27:02 2002
From: markk@netsol.com (Mark Kosters)
Date: Thu, 29 Aug 2002 11:27:02 -0400
Subject: [vet-DS]list & key
In-Reply-To: <200208291204.MAA25160@vacation.karoshi.com>
References: <200208291204.MAA25160@vacation.karoshi.com>
Message-ID: <20020829152702.GB1737@netsol.com>

On Thu, Aug 29, 2002 at 12:04:27PM +0000, bmanning@karoshi.com wrote:
> Question.  RSA/MD5 or RSA/SHA1 for the root key?

As per rfc 3110, RSA/SHA1.

Mark

-- 

Mark Kosters             markk@netsol.com       Verisign Applied Research

From jas@extundo.com  Thu Aug 29 16:57:08 2002
From: jas@extundo.com (Simon Josefsson)
Date: Thu, 29 Aug 2002 17:57:08 +0200
Subject: [vet-DS]list & key
In-Reply-To: <20020829152702.GB1737@netsol.com> (Mark Kosters's message of
 "Thu, 29 Aug 2002 11:27:02 -0400")
References: <200208291204.MAA25160@vacation.karoshi.com>
 <20020829152702.GB1737@netsol.com>
Message-ID: <ilulm6podyj.fsf@latte.josefsson.org>

Mark Kosters <markk@netsol.com> writes:

> vet-ds-listOn Thu, Aug 29, 2002 at 12:04:27PM +0000, bmanning@karoshi.com wrote:
>> Question.  RSA/MD5 or RSA/SHA1 for the root key?
>
> As per rfc 3110, RSA/SHA1.

Or add both, to simulate the procedures necessary when doing a gradual
transition from PKCS#2.0/SHA1 to PKCS#2.1/SHA2 or something else.