Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC
draft-ietf-dnsext-dnssec-rsasha256-14

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    dnsext mailing list <namedroppers@ops.ietf.org>, 
    dnsext chair <dnsext-chairs@tools.ietf.org>
Subject: Protocol Action: 'Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC' to Proposed Standard

The IESG has approved the following document:

- 'Use of SHA-2 algorithms with RSA in DNSKEY and RRSIG Resource Records 
   for DNSSEC '
   <draft-ietf-dnsext-dnssec-rsasha256-14.txt> as a Proposed Standard


This document is the product of the DNS Extensions Working Group. 

The IESG contact persons are Ralph Droms and Jari Arkko.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dnsext-dnssec-rsasha256-14.txt

Ballot Text

Technical Summary

   This document describes how to produce RSA/SHA-256 and RSA/SHA-512
   DNSKEY and RRSIG resource records for use in the Domain Name System
   Security Extensions (DNSSEC, RFC 4033, RFC 4034, and RFC 4035).

Working Group Summary

   The DNS Extensions Working Group had consensus to publish the
   document. 

Document Quality

   The document received thorough review, and it is expected that
   vendors supporting DNSSEC will implement SHA-2 once the document is
   published. During Working Group Last Call, there were objections
   that an earlier approach, which tied SHA-2 to implementation of
   NSEC3, would be a barrier for adoption by some vendors, so the
   specification was changed to avoid the link.

Personnel

   Andrew Sullivan (ajs@shinkuro.com) is the Document Shepherd.
   Ralph Droms (rdroms@cisco.com) is the Responsible AD.

RFC Editor Note