>> DSA requires random values as part of the signing process. > > Traditionally, yes, but it isn't actually required - > https://tools.ietf.org/html/rfc6979
This is only implemented in openssl 1.1.0: https://github.com/openssl/openssl/commit/190c615d4398cc6c8b61eb7881d7409314529a75 As I've read today BIND 9.11.1 can be used with openssl 1.1.0 Daniel -- SWITCH Daniel Stirnimann, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 16 24 daniel.stirnim...@switch.ch, http://www.switch.ch _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users