Does anyone have a pointer to a good resource for current best practices for deployment of DNSSEC, preferably newer than RFC6781?
What algorithms do you typically sign with (RSASHA256, ECDSAP256SHA256, both, something other)? Feel free to little r me off list if you wish — Eric Germann ekgermann (at) semperen.com LinkedIn: https://www.linkedin.com/in/ericgermann GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
