In message <[email protected]>, Paul Wout
ers writes:
> Hi,
> 
> What will happen to people who have configured bind 9.6.1 to do
> DNSSEC and DLV processing, when SHA256 hashes start appearing?
>
> Will it go to insecure or bogus?

Insecure.  The following change was part of BIND 9.6.1.

2579.   [bug]           DNSSEC lookaside validation failed to handle unknown
                        algorithms. [RT #19479]

> Do we have a problem in a few days?

The following test zones are available and have DLV's published in
dlv.isc.org.

           rsasha256.island.dlvtest.dns-oarc.net
           rsasha512.island.dlvtest.dns-oarc.net

Mark

> Paul
> _______________________________________________
> bind-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [email protected]
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to