On 2017-03-08 at 12:41, Yuri Schaeffer wrote:
Thanks. I was hoping you would chip in! Does this then also mean a
chosen plaintext attack is not an issue in the scenario I described?
As I understand it, this is not an issue when signing.
Do you have a general advice on shared keys in DNS?
I would consider shared keys only if I had a lot of zones and a HSM with
limited space and/or other reasons for keeping the number of keys down
to a minimum.
jakob
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
