On Sat, 20 Mar 2010, Olaf Kolkman wrote:
- http://www.nlnetlabs.nl/svn/rfc4641bis/trunk/open-issues/NSEC-NSEC3
That still states:
"as well as no algorithm choice for SHA-256"
That's been resolved now, see http://www.bind9.net/dns-sec-algorithm-numbers
RSASHA256 has DNSKEY algorihtm 8 and RSASHA-512 has alg 10. As far as I
know, these include NSEC3, though the registry contains no pointers for that.
Is it noted anywhere that algorithms > 5 imply NSEC3 support? If not, should we?
Paul
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
