On Tue, Jul 07, 2020 at 04:32:37PM -0700, Gregory Sloop wrote: > I've seen reports that only HMAC-MD5 is the only valid key type.
That was the case at one time, but hasn't been for years. > Is there any (security) reason/implications to use something "better" > than MD5? MD5 is broken (as is SHA1). In this specific context, a forged rndc message is probably impracticable on any reasonable time scale, and I wouldn't fear for security if I were using them. *But*, they're broken, and crypto people don't like keeping broken things around, so I wouldn't count on them being supported forever. We've already removed MD5 support in the context of DNSSEC keys; TSIG could come next. So, if you want to generate a key and not have to worry about generating another one in a year or two, I would advise against MD5 or SHA1. > Is there any reason not to select the strongest - HMAC-SHA512? No, go ahead. I tend to use sha256, just because it's the default from rndc-confgen. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users