rfc9904.notprepped.xml

<?xml version='1.0' encoding='UTF-8'?>

<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>

<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-dnsop-rfc8624-bis-13" number="9904" category="std" consensus="true" submissionType="IETF" obsoletes="8624" updates="9157" tocInclude="true" sortRefs="true" symRefs="true" xml:lang="en" version="3">

  <front>
    <title abbrev="DNSSEC Algorithms Update Process">DNSSEC Cryptographic Algorithm Recommendation Update Process</title>
    <seriesInfo name="RFC" value="9904"/>
    <author initials="W." surname="Hardaker" fullname="Wes Hardaker">
      <organization>USC/ISI</organization>
      <address>
        <email>ietf@hardakers.net</email>
      </address>
    </author>
    <author initials="W." surname="Kumari" fullname="Warren Kumari">
      <organization>Google</organization>
      <address>
        <email>warren@kumari.net</email>
      </address>
    </author>
    <date year="2025" month="November"/>
    <area>OPS</area>
    <workgroup>dnsop</workgroup>
    
    <abstract>
      <t>The DNSSEC protocol makes use of various cryptographic algorithms to provide
   authentication of DNS data and proof of nonexistence.  To ensure
   interoperability between DNS resolvers and DNS authoritative servers, it is
   necessary to specify both a set of algorithm implementation requirements and
   usage guidelines to ensure that there is at least one algorithm that all
   implementations support. This document replaces and obsoletes RFC 8624 and moves the
   canonical source of algorithm implementation requirements and usage guidance
   for DNSSEC from RFC 8624 to the IANA DNSSEC algorithm registries. This is done to allow
   the list of requirements to be more easily updated and referenced.
   Extensions to these registries can be made in future RFCs.
   This document also updates RFC 9157 and incorporates the revised 
      IANA DNSSEC considerations from that RFC.</t>
      
      <t>This document does not change the recommendation status (<bcp14>MUST</bcp14>, <bcp14>MAY</bcp14>, <bcp14>RECOMMENDED</bcp14>, etc.) 
   of the algorithms listed in RFC 8624; that is the work of future documents.</t>
    </abstract>
  </front>
  <middle>

    <section anchor="introduction">
      <name>Introduction</name>
      <t>"DNS Security Extensions (DNSSEC)" <xref target="RFC9364"/> is used to provide
   authentication of DNS data. The DNSSEC signing algorithms are
   defined by various RFCs, including <xref target="RFC4034"/>, <xref target="RFC4509"/>, <xref target="RFC5155"/>,
   <xref target="RFC5702"/>, <xref target="RFC5933"/>, <xref target="RFC6605"/>, and <xref target="RFC8080"/>.</t>
      <t>To ensure interoperability, a set of "mandatory-to-implement"
   DNS Public Key (DNSKEY) algorithms are defined in <xref target="RFC8624"/>.  To make the current
   status of the algorithms more easily accessible and understandable,
   and to make future changes to these recommendations easier to
   publish, this document moves the canonical status of the algorithms
   from <xref target="RFC8624"/> to the IANA DNSSEC algorithm registries.
This document also incorporates 
   the revised IANA DNSSEC considerations from <xref target="RFC9157"/>.
   Additionally, as advice to operators, it adds recommendations for
   deploying and using these algorithms.</t>
      <t>This is similar to the process used for the "TLS Cipher Suites" registry <xref target="TLS-ciphersuites"/>,
  where the canonical list of cipher suites is in the IANA registry, and
  RFCs reference the IANA registry.</t>
      <section anchor="document-audience">
        <name>Document Audience</name>
        <t>The columns added to the IANA <xref target="DNSKEY-IANA">"DNS Security Algorithm Numbers"</xref>
   and <xref target="DS-IANA">"Digest Algorithms"</xref> registries target DNSSEC operators and implementers.</t>
        <t>Implementations need to meet high security expectations as
   well as provide interoperability between various implementations and with
   different versions.</t>
        <t>The field of cryptography evolves continuously.  New, stronger algorithms
   appear, and existing algorithms may be found to be less secure than
   originally thought.  Therefore, algorithm implementation requirements and
   usage guidance need to be updated from time to time in order to reflect the
   new reality and to allow for a smooth transition to more secure algorithms
   as well as the deprecation of algorithms deemed to no longer be secure.</t>
        <t>Implementations need to be conservative in the selection of
   algorithms they implement in order to minimize both code complexity
   and the  attack surface.</t>
        <t>The perspective of implementers may differ from that of an operator
   who wishes to deploy and configure DNSSEC with only the safest
   algorithm.  As such, this document also adds new recommendations
   about which algorithms should be deployed regardless of
   implementation status. In general, it is expected that deployment
   of aging algorithms should generally be reduced before
   implementations stop supporting them.</t>
      </section>
      <section anchor="updating-algorithm-requirement-levels">
        <name>Updating Algorithm Requirement Levels</name>
        <t>By the time a DNSSEC cryptographic algorithm is made
   mandatory to implement, it should already be available in most
   implementations.  This document defines an IANA registration
   modification to allow future documents to specify the
   implementation recommendations for each algorithm, as the
   recommendation status of each DNSSEC cryptographic algorithm is
   expected to change over time.  For example, there is no guarantee
   that newly introduced algorithms will become mandatory to implement
   in the future.  Likewise, published algorithms are continuously
   subjected to cryptographic attack and may become too weak, or even
   be completely broken, and will require deprecation in the future.</t>
        <t>It is expected that the deprecation of an algorithm will be performed
   gradually.  This provides time for implementations to update
   their implemented algorithms while remaining interoperable.  Unless
   there are strong security reasons, an algorithm is expected to be
   downgraded from <bcp14>MUST</bcp14> to <bcp14>NOT RECOMMENDED</bcp14> or <bcp14>MAY</bcp14>, instead of directly
   from <bcp14>MUST</bcp14> to <bcp14>MUST NOT</bcp14>.  Similarly, an algorithm that has not been
   mentioned as mandatory to implement is expected to be first introduced
   as <bcp14>RECOMMENDED</bcp14> instead of a <bcp14>MUST</bcp14>.</t>
        <t>Since the effect of using an unknown DNSKEY algorithm is that the
   zone is treated as insecure, it is recommended that algorithms
   that have been downgraded to <bcp14>NOT RECOMMENDED</bcp14> or lower not be used
   by authoritative nameservers and DNSSEC signers to create new
   DNSKEYs.  This ensures that the use of deprecated algorithms
   decreases over time.  Once an algorithm has reached a sufficiently
   low level of deployment, it can be marked as <bcp14>MUST NOT</bcp14>, so that
   recursive resolvers can remove support for validating it.</t>
        <t>Validating recursive resolvers are encouraged to retain support for all
   algorithms not marked as <bcp14>MUST NOT</bcp14>.</t>
      </section>
      <section anchor="requirements-notation">
        <name>Requirements Notation</name>
        <t>
    The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
    NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
    "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
    described in BCP&nbsp;14 <xref target="RFC2119"/> <xref target="RFC8174"/> 
    when, and only when, they appear in all capitals, as shown here.
        </t>
        <t><xref target="RFC2119"/> considers the term <bcp14>SHOULD</bcp14> to be equivalent to <bcp14>RECOMMENDED</bcp14>, and
   <bcp14>SHOULD NOT</bcp14> equivalent to <bcp14>NOT RECOMMENDED</bcp14>.  This document has
   chosen to use the terms <bcp14>RECOMMENDED</bcp14> and <bcp14>NOT RECOMMENDED</bcp14>, as this
   more clearly expresses the recommendations to implementers.</t>
      </section>
    </section>
    <section anchor="adding-usage-and-implementation-recommendations-to-the-iana-dnssec-registries">
      <name>Adding Usage and Implementation Recommendations to the IANA DNSSEC Algorithm Registries</name>
      <t>Per this document, the following columns have been added to the
   corresponding DNSSEC algorithm registries maintained by IANA:</t>
      <table anchor="columns">
        <name>Columns Added to Existing DNSSEC Algorithm Registries</name>
        <thead>
          <tr>
            <th align="left">Registry</th>
            <th align="left">Column Added</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">DNS Security Algorithm Numbers</td>
            <td align="left">Use for DNSSEC Signing</td>
          </tr>
          <tr>
            <td align="left">DNS Security Algorithm Numbers</td>
            <td align="left">Use for DNSSEC Validation</td>
          </tr>
          <tr>
            <td align="left">DNS Security Algorithm Numbers</td>
            <td align="left">Implement for DNSSEC Signing</td>
          </tr>
          <tr>
            <td align="left">DNS Security Algorithm Numbers</td>
            <td align="left">Implement for DNSSEC Validation</td>
          </tr>
          <tr>
            <td align="left">Digest Algorithms</td>
            <td align="left">Use for DNSSEC Delegation</td>
          </tr>
          <tr>
            <td align="left">Digest Algorithms</td>
            <td align="left">Use for DNSSEC Validation</td>
          </tr>
          <tr>
            <td align="left">Digest Algorithms</td>
            <td align="left">Implement for DNSSEC Delegation</td>
          </tr>
          <tr>
            <td align="left">Digest Algorithms</td>
            <td align="left">Implement for DNSSEC Validation</td>
          </tr>
        </tbody>
      </table>
      <section anchor="column-descriptions">
        <name>Column Descriptions</name>
        <t>The intended usage of the four columns in the "DNS Security Algorithm
Numbers" registry is as follows:</t>
        <dl>
          <dt>Use for DNSSEC Signing:</dt>
          <dd>
            <t>Indicates the recommendation for using the algorithm within
authoritative servers.</t>
          </dd>
          <dt>Use for DNSSEC Validation:</dt>
          <dd>
            <t>Indicates the recommendation for using the algorithm in DNSSEC
validators.</t>
          </dd>
          <dt>Implement for DNSSEC Signing:</dt>
          <dd>
            <t>Indicates the recommendation for implementing the algorithm within
DNSSEC signing software.</t>
          </dd>
          <dt>Implement for DNSSEC Validation:</dt>
          <dd>
            <t>Indicates the recommendation for implementing the algorithm within
DNSSEC validators.</t>
          </dd>
        </dl>
        <t>The intended usage of the four columns in the "Digest Algorithms" registry is as follows:</t>
        <dl>
          <dt>Use for DNSSEC Delegation:</dt>
          <dd>
            <t>Indicates the recommendation for using the algorithm within
authoritative servers.</t>
          </dd>
          <dt>Use for DNSSEC Validation:</dt>
          <dd>
            <t>Indicates the recommendation for using the algorithm in DNSSEC
validators.</t>
          </dd>
          <dt>Implement for DNSSEC Delegation:</dt>
          <dd>
            <t>Indicates the recommendation for implementing the algorithm within
authoritative servers.</t>
          </dd>
          <dt>Implement for DNSSEC Validation:</dt>
          <dd>
            <t>Indicates the recommendation for implementing the algorithm within
validating resolvers.</t>
          </dd>
        </dl>
      </section>
      <section anchor="adding-and-changing-values">
        <name>Adding and Changing Values</name>
	<t>
  The following note describing the procedures for adding and
  changing values has been added to the "DNS Security Algorithm
  Numbers" registry:
</t>
        <blockquote><t>Adding a new entry to the "DNS Security Algorithm Numbers" registry
   with a recommended value of "<bcp14>MAY</bcp14>" in the "Use for DNSSEC Signing",
   "Use for DNSSEC Validation", "Implement for DNSSEC Signing", or
   "Implement for DNSSEC Validation" columns will be subject to the
   Specification Required policy as defined in <xref target="RFC8126"/> in order to
   promote continued evolution of DNSSEC algorithms and DNSSEC
   agility.  New entries added through the Specification Required
   process will have the value of "<bcp14>MAY</bcp14>" for all columns.
	</t>
        <t>Adding a new entry to, or changing an existing value in,
   the "DNS Security Algorithm Numbers" registry that has any value other than "<bcp14>MAY</bcp14>" in the "Use for
   DNSSEC Signing", "Use for DNSSEC Validation", "Implement for
   DNSSEC Signing", or "Implement for DNSSEC Validation" columns requires Standards Action.</t>
 <t>If an item is not marked as "<bcp14>RECOMMENDED</bcp14>", it does not necessarily
   mean that it is flawed; rather, it indicates that the item either
   has not been through the IETF consensus process, has limited
   applicability, or is intended only for specific use cases.</t></blockquote>
<t>
  The following note has been added to the "Digest Algorithms" registry:
</t>
        <blockquote><t>Adding a new entry to the "Digest Algorithms" registry with a
   recommended value of "<bcp14>MAY</bcp14>" in the "Use for DNSSEC Delegation",
   "Use for DNSSEC Validation", "Implement for DNSSEC Delegation",
   or "Implement for DNSSEC Validation" columns <bcp14>SHALL</bcp14> follow the
	Specification Required policy as defined in <xref target="RFC8126"/>.</t>	
        <t>Adding a new entry to, or changing an existing value in,
   the "Digest Algorithms" registry that has any value other than  "<bcp14>MAY</bcp14>" 
   in the "Use for DNSSEC Delegation", "Use for DNSSEC Validation", "Implement for
	DNSSEC Delegation", or "Implement for DNSSEC Validation" columns requires Standards Action.</t>
        <t>If an item is not marked as "<bcp14>RECOMMENDED</bcp14>", it does not necessarily
   mean that it is flawed; rather, it indicates that the item either
   has not been through the IETF consensus process, has limited
   applicability, or is intended only for specific use cases.</t></blockquote>
        <t>Only values of "<bcp14>MAY</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>MUST NOT</bcp14>", and "<bcp14>NOT
   RECOMMENDED</bcp14>" may be placed into the "Use for DNSSEC Signing" and
   "Use for DNSSEC Validation" columns.  Only values of "<bcp14>MAY</bcp14>",
   "<bcp14>RECOMMENDED</bcp14>", "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", and "<bcp14>NOT RECOMMENDED</bcp14>" may be
   placed into the "Implement for DNSSEC Signing" and "Implement for
   DNSSEC Validation" columns.  Note that a value of "<bcp14>MUST</bcp14>" is not an
   allowed value for the two "Use for" columns.</t>
   
        <t>The following sections state the initial values that have been populated
   into these columns. The values in the "Implement for" columns are transcribed
   from <xref target="RFC8624"/>. The "Use for" columns are set to the same values as
   those in the "Implement for" columns since the general interpretation to date
   indicates they have been treated as values for both
   "use" and "implementation". Note that the value in the "Use for"
   column is "<bcp14>RECOMMENDED</bcp14>" when the value in the corresponding "Implement
   for" column is "<bcp14>MUST</bcp14>".  We note that the values for
   "Implement for" and "Use for" may diverge in the future as 
   implementations generally precede deployments.</t>
      </section>
    </section>
    <section anchor="dns-system-algorithm-numbers-column-values">
      <name>DNS Security Algorithm Numbers Registry Column Values</name>
      <t>Initial values for the use and implementation
   recommendation columns in the "DNS Security Algorithm Numbers" registry under the "Domain Name System Security (DNSSEC) Algorithm Numbers" registry group are shown in <xref target="algtable"/>.</t>

      <t>When there are multiple
   <bcp14>RECOMMENDED</bcp14> algorithms in the "Use for" columns, operators should choose
      the best algorithm according to local policy.</t>     
      <table anchor="algtable">
        <name>Initial Values for the DNS Security Algorithm Numbers Registry Columns</name>
        <thead>
          <tr>
            <th align="left">No.</th>
            <th align="left">Mnemonics</th>
            <th align="left">Use for DNSSEC Signing</th>
            <th align="left">Use for DNSSEC Validation</th>
            <th align="left">Implement for DNSSEC Signing</th>
            <th align="left">Implement for DNSSEC Validation</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">1</td>
            <td align="left">RSAMD5</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
          </tr>
          <tr>
            <td align="left">3</td>
            <td align="left">DSA</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
          </tr>
          <tr>
            <td align="left">5</td>
            <td align="left">RSASHA1</td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">6</td>
            <td align="left">DSA-NSEC3-SHA1</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
          </tr>
          <tr>
            <td align="left">7</td>
            <td align="left">RSASHA1-NSEC3- SHA1</td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">8</td>
            <td align="left">RSASHA256</td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">10</td>
            <td align="left">RSASHA512</td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>NOT RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">12</td>
            <td align="left">ECC-GOST</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">13</td>
            <td align="left">ECDSAP256SHA256</td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">14</td>
            <td align="left">ECDSAP384SHA384</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
          </tr>
          <tr>
            <td align="left">15</td>
            <td align="left">ED25519</td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
          </tr>
          <tr>
            <td align="left">16</td>
            <td align="left">ED448</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
          </tr>
          <tr>
            <td align="left">17</td>
            <td align="left">SM2SM3</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">23</td>
            <td align="left">ECC-GOST12</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">253</td>
            <td align="left">PRIVATEDNS</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">254</td>
            <td align="left">PRIVATEOID</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
        </tbody>
      </table>
    </section>
    <section anchor="dnssec-delegation-signer-ds-resource-record-rr-type-digest-algorithms-column-values">
      
      <name>Digest Algorithms Registry Column Values</name>
      <t>Initial values for the use and implementation
   recommendation columns in the "Digest Algorithms" registry under the "DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest Algorithms" registry group are shown in <xref target="dstable"/>.</t>
      <t>When there are multiple <bcp14>RECOMMENDED</bcp14> algorithms in the "Use for" columns,
   operators should choose the best algorithm according to local
   policy.</t>
   <table anchor="dstable">

        <name>Initial Values for the Digest Algorithms Registry Columns</name>
        <thead>
          <tr>
            <th align="left">Value</th>
            <th align="left">Description</th>
            <th align="left">Use for DNSSEC Delegation</th>
            <th align="left">Use for DNSSEC Validation</th>
            <th align="left">Implement for DNSSEC Delegation</th>
            <th align="left">Implement for DNSSEC Validation</th>
          </tr>
        </thead>
        <tbody>
          <tr>
            <td align="left">0</td>
            <td align="left">NULL (CDS only)</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
          </tr>
          <tr>
            <td align="left">1</td>
            <td align="left">SHA-1</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">2</td>
            <td align="left">SHA-256</td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
            <td align="left"><bcp14>MUST</bcp14></td>
          </tr>
          <tr>
            <td align="left">3</td>
            <td align="left">GOST R 34.11-94</td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MUST NOT</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">4</td>
            <td align="left">SHA-384</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>RECOMMENDED</bcp14></td>
          </tr>
          <tr>
            <td align="left">5</td>
            <td align="left">GOST R 34.11-2012</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
          <tr>
            <td align="left">6</td>
            <td align="left">SM3</td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
            <td align="left"><bcp14>MAY</bcp14></td>
          </tr>
        </tbody>
      </table>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>The security of cryptographic systems depends on the strength of
   both the cryptographic algorithms chosen and the keys used
   with those algorithms.  The security also depends on the engineering
   of the protocol used by the system to ensure that there are no non-
   cryptographic ways to bypass the security of the overall system.</t>
      <t>This document concerns itself with the selection of cryptographic algorithms
   for the use of DNSSEC, specifically with the selection of
   "mandatory-to-implement" algorithms.  In this document, the algorithms identified as <bcp14>MUST</bcp14> or <bcp14>RECOMMENDED</bcp14> to implement are not known to be broken at
   the current time, and cryptographic research so far leads us to believe that
   they are likely to remain adequately secure unless significant and
   unexpected discovery is made. However, this isn't necessarily forever, and
   it is expected that future documents will be issued from time to time to
   reflect the current best practices in this area.</t>
      <t>Retiring an algorithm too soon would result in a zone signed with
   the retired algorithm being downgraded to the equivalent of an
   unsigned zone.  Therefore, algorithm deprecation must be done only
   after careful consideration and ideally slowly when possible.</t>
    </section>
    <section anchor="operational-considerations">
      <name>Operational Considerations</name>
      <t>DNSKEY algorithm rollover in a live zone is a complex process.  See
   <xref target="RFC6781"/> and <xref target="RFC7583"/> for guidelines on how to perform algorithm
   rollovers.</t>
      <t>DS algorithm rollover in a live zone is also a complex process.
   Upgrading an algorithm at the same time as rolling to the new Key
   Signing Key (KSK) key will lead to DNSSEC validation failures, and
   users <bcp14>MUST</bcp14> upgrade the DS algorithm first before rolling to a new
   KSK.</t>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <t>IANA has updated the "DNS Security Algorithm Numbers" <xref target="DNSKEY-IANA"/> and "Digest Algorithms" <xref target="DS-IANA"/> registries
  according to the sections that follow.</t>
      <section anchor="update-to-the-dns-security-algorithm-numbers-registry">
        <name>Update to the DNS Security Algorithm Numbers Registry</name>
        <t>IANA has updated the "DNS Security Algorithm
  Numbers" registry <xref target="DNSKEY-IANA"/> with the following
  columns and has populated these columns with the values from <xref target="algtable"/> of this document:</t>
        <ul spacing="normal">
          <li>
            <t>"Use for DNSSEC Signing"</t>
          </li>
          <li>
            <t>"Use for DNSSEC Validation"</t>
          </li>
          <li>
            <t>"Implement for DNSSEC Signing"</t>
          </li>
          <li>
            <t>"Implement for DNSSEC Validation"</t>
          </li>
        </ul>

      <t>Additionally, IANA has completed the following actions for the "DNS Security 
   Algorithm Numbers" registry <xref target="DNSKEY-IANA"/>:</t>
  <ul spacing="normal">
          <li>Changed the registration procedure to Standards Action or
      Specification Required.
    </li>
    <li>Added a note to the registry that describes the values not marked as
      "<bcp14>RECOMMENDED</bcp14>" per <xref target="adding-and-changing-values"/>.
    </li>
    <li>Listed this document as an additional reference for the registry.
    </li>
  </ul>
      </section>
      <section anchor="update-to-the-digest-algorithms-registry">
        <name>Update to the Digest Algorithms Registry</name>
        <t>IANA has updated the "Digest Algorithms" registry
  <xref target="DS-IANA"/> with the following columns and has populated these columns with the values from <xref target="dstable"/> of this document:</t>
        <ul spacing="normal">
          <li>
            <t>"Use for DNSSEC Delegation"</t>
          </li>
          <li>
            <t>"Use for DNSSEC Validation"</t>
          </li>
          <li>
            <t>"Implement for DNSSEC Delegation"</t>
          </li>
          <li>
            <t>"Implement for DNSSEC Validation"</t>
          </li>
        </ul>
	<t>Additionally, IANA has completed the following actions for the "Digest Algorithms" registry <xref target="DS-IANA"/>:
	</t>
        <ul spacing="normal">
          <li>
            <t>Changed the registration procedure to Standards Action or Specification Required.</t>
          </li>
	  <li>Added a note to the registry that describes the values not marked as
      "<bcp14>RECOMMENDED</bcp14>" per <xref target="adding-and-changing-values"/>.
    </li>
	  <li>Listed this document as an additional reference for the registry.
	  </li>
          <li>
            <t>Marked values 128-252 as "Reserved".</t>
          </li>
          <li>
            <t>Marked values 253 and 254 as "Reserved for Private Use".</t>
          </li>
          <li>
            <t>Deleted the (now superfluous) column "Status" from the registry.</t>
          </li>
        </ul>
      </section>
    </section>
  
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9157.xml"/>
        <reference anchor="DNSKEY-IANA" target="https://www.iana.org/assignments/dns-sec-alg-numbers">
          <front>
            <title>DNS Security Algorithm Numbers</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
        <reference anchor="DS-IANA" target="http://www.iana.org/assignments/ds-rr-types">
          <front>
            <title>Digest Algorithms</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4034.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.4509.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5155.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5702.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5933.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6605.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6781.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7583.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8080.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8624.xml"/>
        <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9364.xml"/>
        <reference anchor="TLS-ciphersuites" target="https://www.iana.org/assignments/tls-parameters">
          <front>
            <title>Transport Layer Security (TLS) Parameters</title>
            <author>
              <organization>IANA</organization>
            </author>
          </front>
        </reference>
      </references>
    </references>
  <section anchor="acknowledgments" numbered="false">
      <name>Acknowledgments</name>
      <t>This document is based on, and extends, RFC 8624, which was authored
      by <contact fullname="Paul Wouters"/> and <contact fullname="Ondrej
      Sury"/>.</t>
      <t>The content of this document was heavily discussed by participants of
      the DNSOP Working Group.  The authors appreciate the thoughtfulness of
      the many opinions expressed by working group participants that all
      helped shaped this document. We thank <contact fullname="Paul Hoffman"/>
      and <contact fullname="Paul Wouters"/> for their contributed text and
      also <contact fullname="Nabeel Cocker"/>, <contact fullname="Shumon
      Huque"/>, <contact fullname="Nicolai Leymann"/>, <contact fullname="S.
      Moonesamy"/>, <contact fullname="Magnus Nyström"/>, <contact
      fullname="Peter Thomassen"/>, <contact fullname="Stefan Ubbink"/>, and
      <contact fullname="Loganaden Velvindron"/> for their reviews and
      comments.</t>
    </section>
  </back>
</rfc>