So Mark,
You were the one who kicked-off my so-far feeble effort to do an
rfc2930bis in the thread starting with the message below...
Thanks,
Donald
===
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
2386 Panoramic Circle, Apopka, FL 32703 USA
d3e...@gmail.com
On
Isn’t it about time we updated DH support in DNS to not use MD5? Currently
there is
no FIPS compatible DH key exchange in DNS. I suspect it would be relatively
straight
forward by defining a new TKEY mode which does DH w/o using MD5.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley,