> ts a fun story, but... RFC 4034 says RSA/SHA1 is mandatory and DSA is > optional.
I was looking at RFC 2536 from March 1999, which says "Implementation of DSA is mandatory for DNS security." (Page 2.) I guess by March 2005 (RFC 4034), something closer to sanity had prevailed. http://rfc-editor.org/rfc/rfc2536.txt http://rfc-editor.org/rfc/rfc4034.txt John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com