LSD0001: GNU Name System

commit 77fbfc2f43a5c0f39bb919bc2d246ebadbeb6f66
parent 053455865fce268dc836c11db7c22b1d46da6f7c
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Tue, 29 Mar 2022 17:40:46 +0200

cryptographic agility

Diffstat:
M draft-schanzen-gns.xml | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml @@ -458,9 +458,8 @@ This number corresponds to a resource record type number identifying a delegation record type in the GNUnet Assigned Numbers Authority <xref target="GANA" />. - The ztype determines which cryptosystem is used for the - asymmetric and symmetric key operations of the zone and the format of - the delegation record type. + The ztype is a unique identifier for the set crypographic functions + of the zone and the format of the delegation record type. Any ztype <bcp14>MUST</bcp14> define the following set of cryptographic functions: </t> <dl> @@ -526,13 +525,15 @@ <t> The cryptographic functions of the default ztypes are specified with their corresponding delegation records in <xref target="gnsrecords_delegation"/>. - In order to support the specification of additional ztypes in the future, - for example if the - cryptographic mechanisms used in this document are broken. + In order to support cryptographic agility, additional ztypes <bcp14>MAY</bcp14> + be defined in the future which replace or update the default ztypes defined in this + document. + All ztypes <bcp14>MUST</bcp14> be registered as dedicated zone delegation + record types in the GNU Name System Record Types registry (see <xref target="gana"/>). </t> <section anchor="zTLD" numbered="true" toc="default"> <name>Zone Top-Level Domain</name> - <t> + <t> The zTLD is the Zone Top-Level Domain. It is a string which encodes the zone type and zone key into a domain name. The zTLD is used as a globally unique reference to a specific
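
Review bot: The added sentence in the @@ -458,9 +458,8 @@ hunk has a typo and a dropped word: "the set crypographic functions" should read "the set of cryptographic functions". The rewording also removes the statement that the ztype covers both the asymmetric and symmetric key operations of the zone; please confirm that the function list following "Any ztype MUST define the following set of cryptographic functions" still makes that scope explicit, since the sentence no longer does.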
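
Review bot: In the @@ -526,13 +525,15 @@ hunk the new registration requirement points at <xref target="gana"/>, while the reference in the context of the earlier hunk is written <xref target="GANA" />; XML anchors are case-sensitive, so confirm that both targets exist and that "gana" is the registry section intended. The MAY sentence lets future ztypes "replace or update" the default ztypes but does not say how an implementation should treat a ztype that has been replaced; a sentence on that, or a pointer to where it is specified, would make the agility requirement actionable. The final <t> change is whitespace only and could be left out of this commit.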