idnits 2.17.1 draft-ietf-dnsop-algorithm-update-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 10, 2019) is 1841 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 6944 (Obsoleted by RFC 8624) Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 dnsop P. Wouters 3 Internet-Draft Red Hat 4 Obsoletes: 6944 (if approved) O. Sury 5 Intended status: Standards Track Internet Systems Consortium 6 Expires: October 12, 2019 April 10, 2019 8 Algorithm Implementation Requirements and Usage Guidance for DNSSEC 9 draft-ietf-dnsop-algorithm-update-09 11 Abstract 13 The DNSSEC protocol makes use of various cryptographic algorithms in 14 order to provide authentication of DNS data and proof of non- 15 existence. To ensure interoperability between DNS resolvers and DNS 16 authoritative servers, it is necessary to specify a set of algorithm 17 implementation requirements and usage guidelines to ensure that there 18 is at least one algorithm that all implementations support. This 19 document defines the current algorithm implementation requirements 20 and usage guidance for DNSSEC. This document obsoletes RFC6944. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on October 12, 2019. 39 Copyright Notice 41 Copyright (c) 2019 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (https://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 1.1. Updating Algorithm Implementation Requirements and Usage 58 Guidance . . . . . . . . . . . . . . . . . . . . . . . . 2 59 1.2. Updating Algorithm Requirement Levels . . . . . . . . . . 3 60 1.3. Document Audience . . . . . . . . . . . . . . . . . . . . 4 61 2. Conventions Used in This Document . . . . . . . . . . . . . . 4 62 3. Algorithm Selection . . . . . . . . . . . . . . . . . . . . . 4 63 3.1. DNSKEY Algorithms . . . . . . . . . . . . . . . . . . . . 4 64 3.2. DNSKEY Algorithm Recommendation . . . . . . . . . . . . . 6 65 3.3. DS and CDS Algorithms . . . . . . . . . . . . . . . . . . 6 66 3.4. DS and CDS Algorithm Recommendation . . . . . . . . . . . 7 67 4. Implementation Status . . . . . . . . . . . . . . . . . . . . 7 68 4.1. DNSKEY Algorithms . . . . . . . . . . . . . . . . . . . . 7 69 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 70 6. Operational Considerations . . . . . . . . . . . . . . . . . 8 71 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 72 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 73 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 74 9.1. Normative References . . . . . . . . . . . . . . . . . . 9 75 9.2. Informative References . . . . . . . . . . . . . . . . . 9 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 78 1. Introduction 80 The DNSSEC signing algorithms are defined by various RFCs, including 81 [RFC4034], [RFC5155], [RFC5702], [RFC5933], [RFC6605], [RFC8080]. 82 DNSSEC is used to provide authentication of data. To ensure 83 interoperability, a set of "mandatory-to-implement" DNSKEY algorithms 84 are defined. This document obsoletes [RFC6944]. 86 1.1. Updating Algorithm Implementation Requirements and Usage Guidance 88 The field of cryptography evolves continuously. New, stronger 89 algorithms appear and existing algorithms are found to be less secure 90 then originally thought. Attacks previously thought to be 91 computationally infeasible become more accessible as the available 92 computational resources increase. Therefore, algorithm 93 implementation requirements and usage guidance need to be updated 94 from time to time to reflect the new reality. The choices for 95 algorithms must be conservative to minimize the risk of algorithm 96 compromise. 98 1.2. Updating Algorithm Requirement Levels 100 The mandatory-to-implement algorithm of tomorrow should already be 101 available in most implementations of DNSSEC by the time it is made 102 mandatory. This document attempts to identify and introduce those 103 algorithms for future mandatory-to-implement status. There is no 104 guarantee that algorithms in use today will become mandatory in the 105 future. Published algorithms are continuously subjected to 106 cryptographic attack and may become too weak, or even be completely 107 broken, before this document is updated. 109 This document only provides recommendations with respect to 110 mandatory-to-implement algorithms or algorithms so weak that these 111 cannot be recommended. Any algorithm listed in the [DNSKEY-IANA] and 112 [DS-IANA] registries, but not mentioned in this document, MAY be 113 implemented. For clarification and consistency, an algorithm will be 114 specified as MAY in this document only when it has been downgraded 115 from a MUST or a RECOMMENDED to a MAY. 117 Although this document's primary purpose is to update algorithm 118 recommendations to keep DNSSEC authentication secure over time, it 119 also aims to do so in such a way that DNSSEC implementations remain 120 interoperable. DNSSEC interoperability is addressed by an 121 incremental introduction or deprecation of algorithms. 123 [RFC2119] considers the term SHOULD equivalent to RECOMMENDED, and 124 SHOULD NOT equivalent to NOT RECOMMENDED. The authors of this 125 document have chosen to use the terms RECOMMENDED and NOT 126 RECOMMENDED, as this more clearly expresses the intent to 127 implementers. 129 It is expected that deprecation of an algorithm will be performed 130 gradually in a series of updates to this document. This provides 131 time for various implementations to update their implemented 132 algorithms while remaining interoperable. Unless there are strong 133 security reasons, an algorithm is expected to be downgraded from MUST 134 to NOT RECOMMENDED or MAY, instead of to MUST NOT. Similarly, an 135 algorithm that has not been mentioned as mandatory-to-implement is 136 expected to be introduced with a RECOMMENDED instead of a MUST. 138 Since the effect of using an unknown DNSKEY algorithm is that the 139 zone is treated as insecure, it is recommended that algorithms 140 downgraded to NOT RECOMMENDED or lower not be used by authoritative 141 nameservers and DNSSEC signers to create new DNSKEYs. This will 142 allow for deprecated algorithms to become less and less common over 143 time. Once an algorithm has reached a sufficiently low level of 144 deployment, it can be marked as MUST NOT, so that recursive resolvers 145 can remove support for validating it. 147 Recursive nameservers are encouraged to retain support for all 148 algorithms not marked as MUST NOT. 150 1.3. Document Audience 152 The recommendations of this document mostly target DNSSEC 153 implementers, as implementations need to meet both high security 154 expectations as well as high interoperability between various vendors 155 and with different versions. Interoperability requires a smooth 156 transition to more secure algorithms. This perspective may differ 157 from that of a user who wishes to deploy and configure DNSSEC with 158 only the safest algorithm. On the other hand, the comments and 159 recommendations in this document are also expected to be useful for 160 such users. 162 2. Conventions Used in This Document 164 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 165 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 166 "OPTIONAL" in this document are to be interpreted as described in BCP 167 14 [RFC2119] [RFC8174] when, and only when, they appear in all 168 capitals, as shown here. 170 3. Algorithm Selection 172 3.1. DNSKEY Algorithms 174 Implementation recommendations for DNSKEY algorithms [DNSKEY-IANA]. 176 +--------+--------------------+-----------------+-------------------+ 177 | Number | Mnemonics | DNSSEC Signing | DNSSEC Validation | 178 +--------+--------------------+-----------------+-------------------+ 179 | 1 | RSAMD5 | MUST NOT | MUST NOT | 180 | 3 | DSA | MUST NOT | MUST NOT | 181 | 5 | RSASHA1 | NOT RECOMMENDED | MUST | 182 | 6 | DSA-NSEC3-SHA1 | MUST NOT | MUST NOT | 183 | 7 | RSASHA1-NSEC3-SHA1 | NOT RECOMMENDED | MUST | 184 | 8 | RSASHA256 | MUST | MUST | 185 | 10 | RSASHA512 | NOT RECOMMENDED | MUST | 186 | 12 | ECC-GOST | MUST NOT | MAY | 187 | 13 | ECDSAP256SHA256 | MUST | MUST | 188 | 14 | ECDSAP384SHA384 | MAY | RECOMMENDED | 189 | 15 | ED25519 | RECOMMENDED | RECOMMENDED | 190 | 16 | ED448 | MAY | RECOMMENDED | 191 +--------+--------------------+-----------------+-------------------+ 193 RSAMD5 is not widely deployed and there is an industry-wide trend to 194 deprecate MD5 usage. 196 RSASHA1 and RSASHA1-NSEC3-SHA1 are widely deployed, although zones 197 deploying it are recommended to switch to ECDSAP256SHA256 as there is 198 an industry-wide trend to move to elliptic curve cryptography. 199 RSASHA1 does not support NSEC3. RSASHA1-NSEC3-SHA1 can be used with 200 or without NSEC3. 202 DSA and DSA-NSEC3-SHA1 are not widely deployed and vulnerable to 203 private key compromise when generating signatures using a weak or 204 compromised random number generator. 206 RSASHA256 is in wide use and considered strong. It has been the 207 default algorithm for a number of years and is now slowly being 208 replaced with ECDSAP256SHA256 due to its shorter key and signature 209 size, resulting in smaller DNS packets. 211 RSASHA512 is NOT RECOMMENDED for DNSSEC Signing because it has not 212 seen wide deployment, but there are some deployments hence DNSSEC 213 Validation MUST implement RSASHA512 to ensure interoperability. 214 There is no significant difference in cryptographic strength between 215 RSASHA512 and RSASHA256, therefore it is discouraged to use 216 RSASHA512, as it will only make deprecation of older algorithms 217 harder. People who wish to use a cryptographically stronger 218 algorithm should switch to elliptic curve cryptography algorithms. 220 ECC-GOST (GOST R 34.10-2001) has been superseded by GOST R 34.10-2012 221 in [RFC7091]. GOST R 34.10-2012 hasn't been standardized for use in 222 DNSSEC. 224 ECDSAP256SHA256 provides more cryptographic strength with a shorter 225 signature length than either RSASHA256 or RSASHA512. ECDSAP256SHA256 226 has been widely deployed and therefore it is now at MUST level for 227 both validation and signing. It is RECOMMENDED to use the 228 deterministic digital signature generation procedure of the ECDSA 229 ([RFC6979]) when implementing ECDSAP256SHA256 (and ECDSAP384SHA384). 231 ECDSAP384SHA384 shares the same properties as ECDSAP256SHA256, but 232 offers a modest security advantage over ECDSAP256SHA256 (192 bits of 233 strength versus 128 bits). For most DNSSEC applications, 234 ECDSAP256SHA256 should be satisfactory and robust for the foreseeable 235 future, and is therefore recommended for signing. While it is 236 unlikely for a DNSSEC use case requiring 192-bit security strength to 237 arise, ECDSA384SHA384 is provided for such applications and it MAY be 238 used for signing in these cases. 240 ED25519 and ED448 use the Edwards-curve Digital Security Algorithm 241 (EdDSA). There are three main advantages of EdDSA: It does not 242 require the use of a unique random number for each signature, there 243 are no padding or truncation issues as with ECDSA, and it is more 244 resilient to side-channel attacks. Furthermore, EdDSA cryptography 245 is less prone to implementation errors ([RFC8032], [RFC8080]). It is 246 expected that ED25519 will become the future RECOMMENDED default 247 algorithm once there's enough support for this algorithm in the 248 deployed DNSSEC validators. 250 3.2. DNSKEY Algorithm Recommendation 252 Due to the industry-wide trend towards elliptic curve cryptography, 253 ECDSAP256SHA256 is the RECOMMENDED DNSKEY algorithm for use by new 254 DNSSEC deployments, and users of RSA-based algorithms SHOULD upgrade 255 to ECDSAP256SHA256. 257 3.3. DS and CDS Algorithms 259 Recommendations for Delegation Signer Digest Algorithms [DNSKEY-IANA] 260 These recommendations also apply to the CDS RRTYPE as specified in 261 [RFC7344] 263 +--------+-----------------+-------------------+-------------------+ 264 | Number | Mnemonics | DNSSEC Delegation | DNSSEC Validation | 265 +--------+-----------------+-------------------+-------------------+ 266 | 0 | NULL (CDS only) | MUST NOT [*] | MUST NOT [*] | 267 | 1 | SHA-1 | MUST NOT | MUST | 268 | 2 | SHA-256 | MUST | MUST | 269 | 3 | GOST R 34.11-94 | MUST NOT | MAY | 270 | 4 | SHA-384 | MAY | RECOMMENDED | 271 +--------+-----------------+-------------------+-------------------+ 273 [*] - This is a special type of CDS record signaling removal of DS at 274 the parent in [RFC8078]. 276 NULL is a special case, see [RFC8078]. 278 SHA-1 is still in wide use for DS records, so validators MUST 279 implement validation, but it MUST NOT be used to generate new DS and 280 CDS records. (See Operational Considerations for caveats when 281 upgrading from SHA-1 to SHA-256 DS Algorithm.) 283 SHA-256 is in wide use and considered strong. 285 GOST R 34.11-94 has been superseded by GOST R 34.11-2012 in 286 [RFC6986]. GOST R 34.11-2012 has not been standardized for use in 287 DNSSEC. 289 SHA-384 shares the same properties as SHA-256, but offers a modest 290 security advantage over SHA-256 (384-bits of strength versus 291 256-bits). For most applications of DNSSEC, SHA-256 should be 292 satisfactory and robust for the foreseeable future, and is therefore 293 recommended for DS and CDS records. While it is unlikely for a 294 DNSSEC use case requiring 384-bit security strength to arise, SHA-384 295 is provided for such applications and it MAY be used for generating 296 DS and CDS records in these cases. 298 3.4. DS and CDS Algorithm Recommendation 300 Operation recommendation for new and existing deployments: SHA-256 is 301 the RECOMMENDED DS and CDS algorithm. 303 4. Implementation Status 305 [RFC Editor Note: Please remove this entire section plus all 306 references to [RFC7942] prior to publication as an RFC.] 308 This section records the status of known implementations of the 309 protocol defined by this specification at the time of posting of this 310 Internet-Draft, and is based on a proposal described in [RFC7942]. 311 The description of implementations in this section is intended to 312 assist the IETF in its decision processes in progressing drafts to 313 RFCs. Please note that the listing of any individual implementation 314 here does not imply endorsement by the IETF. Furthermore, no effort 315 has been spent to verify the information presented here that was 316 supplied by IETF contributors. This is not intended as, and must not 317 be construed to be, a catalog of available implementations or their 318 features. Readers are advised to note that other implementations may 319 exist. 321 According to RFC 7942, "this will allow reviewers and working groups 322 to assign due consideration to documents that have the benefit of 323 running code, which may serve as evidence of valuable experimentation 324 and feedback that have made the implemented protocols more mature. 325 It is up to the individual working groups to use this information as 326 they see fit". 328 4.1. DNSKEY Algorithms 330 The following table contains the status of support in the open-source 331 DNS signers and validators in the current released versions as of the 332 time writing this document. Usually, the support for specific 333 algorithm has to be also included in the cryptographic libraries that 334 the software use. 336 +--------------------+------+--------+---------+----------+---------+ 337 | Mnemonics | BIND | Knot | OpenDNS | PowerDNS | Unbound | 338 | | | DNS | | | | 339 +--------------------+------+--------+---------+----------+---------+ 340 | RSAMD5 | Y | N | Y | N | N | 341 | DSA | Y | N | Y | N | Y | 342 | RSASHA1 | Y | Y | Y | Y | Y | 343 | DSA-NSEC3-SHA1 | Y | N | Y | N | Y | 344 | RSASHA1-NSEC3-SHA1 | Y | Y | Y | Y | Y | 345 | RSASHA256 | Y | Y | Y | Y | Y | 346 | RSASHA512 | Y | Y | Y | Y | Y | 347 | ECC-GOST | N | N | Y | N | Y | 348 | ECDSAP256SHA256 | Y | Y | Y | Y | Y | 349 | ECDSAP384SHA384 | Y | Y | Y | Y | Y | 350 | ED25519 | Y | Y | N | Y | Y | 351 | ED448 | N | N | N | Y | Y | 352 +--------------------+------+--------+---------+----------+---------+ 354 5. Security Considerations 356 The security of cryptographic systems depends on both the strength of 357 the cryptographic algorithms chosen and the strength of the keys used 358 with those algorithms. The security also depends on the engineering 359 of the protocol used by the system to ensure that there are no non- 360 cryptographic ways to bypass the security of the overall system. 362 This document concerns itself with the selection of cryptographic 363 algorithms for use in DNSSEC, specifically with the selection of 364 "mandatory-to-implement" algorithms. The algorithms identified in 365 this document as MUST or RECOMMENDED to implement are not known to be 366 broken (in the cryptographic sense) at the current time, and 367 cryptographic research so far leads us to believe that they are 368 likely to remain secure into the foreseeable future. However, this 369 isn't necessarily forever, and it is expected that new revisions of 370 this document will be issued from time to time to reflect the current 371 best practices in this area. 373 Retiring an algorithm too soon would result in a zone signed with the 374 retired algorithm being downgraded to the equivalent of an unsigned 375 zone. Therefore, algorithm deprecation must be done very slowly and 376 only after careful consideration and measurement of its use. 378 6. Operational Considerations 380 DNSKEY algorithm rollover in a live zone is a complex process. See 381 [RFC6781] and [RFC7583] for guidelines on how to perform algorithm 382 rollovers. 384 DS algorithm rollover in a live zone is also a complex process. 385 Upgrading algorithm at the same time as rolling the new KSK key will 386 lead to DNSSEC validation failures, and users MUST upgrade the DS 387 algorithm first before rolling the Key Signing Key. 389 7. IANA Considerations 391 This document makes no requests of IANA. 393 8. Acknowledgements 395 This document borrows text from RFC 4307 by Jeffrey I. Schiller of 396 the Massachusetts Institute of Technology (MIT) and the 4307bis 397 document by Yoav Nir, Tero Kivinen, Paul Wouters, and Daniel Migault. 398 Much of the original text has been copied verbatim. 400 We wish to thank Michael Sinatra, Roland van Rijswijk-Deij, Olafur 401 Gudmundsson, Paul Hoffman, Evan Hunt, and Peter Yee for their 402 feedback. 404 Kudos to Roy Arends for bringing the DS rollover issue to light. 406 9. References 408 9.1. Normative References 410 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 411 Requirement Levels", BCP 14, RFC 2119, 412 DOI 10.17487/RFC2119, March 1997, 413 . 415 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 416 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 417 May 2017, . 419 9.2. Informative References 421 [RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S. 422 Rose, "Resource Records for the DNS Security Extensions", 423 RFC 4034, DOI 10.17487/RFC4034, March 2005, 424 . 426 [RFC5155] Laurie, B., Sisson, G., Arends, R., and D. Blacka, "DNS 427 Security (DNSSEC) Hashed Authenticated Denial of 428 Existence", RFC 5155, DOI 10.17487/RFC5155, March 2008, 429 . 431 [RFC5702] Jansen, J., "Use of SHA-2 Algorithms with RSA in DNSKEY 432 and RRSIG Resource Records for DNSSEC", RFC 5702, 433 DOI 10.17487/RFC5702, October 2009, 434 . 436 [RFC5933] Dolmatov, V., Ed., Chuprina, A., and I. Ustinov, "Use of 437 GOST Signature Algorithms in DNSKEY and RRSIG Resource 438 Records for DNSSEC", RFC 5933, DOI 10.17487/RFC5933, July 439 2010, . 441 [RFC6605] Hoffman, P. and W. Wijngaards, "Elliptic Curve Digital 442 Signature Algorithm (DSA) for DNSSEC", RFC 6605, 443 DOI 10.17487/RFC6605, April 2012, 444 . 446 [RFC6781] Kolkman, O., Mekking, W., and R. Gieben, "DNSSEC 447 Operational Practices, Version 2", RFC 6781, 448 DOI 10.17487/RFC6781, December 2012, 449 . 451 [RFC6944] Rose, S., "Applicability Statement: DNS Security (DNSSEC) 452 DNSKEY Algorithm Implementation Status", RFC 6944, 453 DOI 10.17487/RFC6944, April 2013, 454 . 456 [RFC6979] Pornin, T., "Deterministic Usage of the Digital Signature 457 Algorithm (DSA) and Elliptic Curve Digital Signature 458 Algorithm (ECDSA)", RFC 6979, DOI 10.17487/RFC6979, August 459 2013, . 461 [RFC6986] Dolmatov, V., Ed. and A. Degtyarev, "GOST R 34.11-2012: 462 Hash Function", RFC 6986, DOI 10.17487/RFC6986, August 463 2013, . 465 [RFC7091] Dolmatov, V., Ed. and A. Degtyarev, "GOST R 34.10-2012: 466 Digital Signature Algorithm", RFC 7091, 467 DOI 10.17487/RFC7091, December 2013, 468 . 470 [RFC7344] Kumari, W., Gudmundsson, O., and G. Barwood, "Automating 471 DNSSEC Delegation Trust Maintenance", RFC 7344, 472 DOI 10.17487/RFC7344, September 2014, 473 . 475 [RFC7583] Morris, S., Ihren, J., Dickinson, J., and W. Mekking, 476 "DNSSEC Key Rollover Timing Considerations", RFC 7583, 477 DOI 10.17487/RFC7583, October 2015, 478 . 480 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 481 Code: The Implementation Status Section", BCP 205, 482 RFC 7942, DOI 10.17487/RFC7942, July 2016, 483 . 485 [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital 486 Signature Algorithm (EdDSA)", RFC 8032, 487 DOI 10.17487/RFC8032, January 2017, 488 . 490 [RFC8078] Gudmundsson, O. and P. Wouters, "Managing DS Records from 491 the Parent via CDS/CDNSKEY", RFC 8078, 492 DOI 10.17487/RFC8078, March 2017, 493 . 495 [RFC8080] Sury, O. and R. Edmonds, "Edwards-Curve Digital Security 496 Algorithm (EdDSA) for DNSSEC", RFC 8080, 497 DOI 10.17487/RFC8080, February 2017, 498 . 500 [DNSKEY-IANA] 501 "DNSKEY Algorithms", . 504 [DS-IANA] "Delegation Signer Digest Algorithms", 505 . 508 Authors' Addresses 510 Paul Wouters 511 Red Hat 512 CA 514 EMail: pwouters@redhat.com 516 Ondrej Sury 517 Internet Systems Consortium 518 CZ 520 EMail: ondrej@isc.org