On Mon, Feb 16, 2015 at 11:19:51PM +0530, Mukund Sivaraman wrote:
> But while RFC 4509 sec. 6 talks about this issue in the case of DS with
> SHA-2 algorithms, there is no requirement there.

There is this nugget here:

> Implementations MUST support the use of the SHA-256 algorithm in DS
> RRs. Validator implementations SHOULD ignore DS RRs containing SHA-1
> digests if DS RRs with SHA-256 digests are present in the DS RRset.

Perhaps this is why Unbound fails validation. We should discuss this in
the BIND context.

Immediately upon reading this, I thought this probably means "SHOULD
ignore authentication chains through SHA-1 if an authentication chain
through SHA-256 exists." But that invites downgrade attacks.

		Mukund
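The quoted RFC 4509 rule, written out as validator-side code. This is an added example and not part of the original message, nor code from BIND or Unbound; the DNSKEY/DS layouts follow RFC 4034 (DS digest = hash(canonical owner name in wire form || DNSKEY RDATA), key tag per RFC 4034 Appendix B), and the key bytes and zone name are constructed sample values. It shows the two readings side by side: `usable_ds()` applies the rule literally to the DS RRset (drop SHA-1 DS records when any SHA-256 DS record is present), and `authenticated_keys()` then only accepts DNSKEYs that match one of the DS records that survived the filter, so a SHA-1 DS can no longer be the sole basis for trusting a key once a SHA-256 DS exists.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# DS digest type numbers: SHA-1 from RFC 4034, SHA-256 from RFC 4509.
DIGEST_SHA1 = 1
DIGEST_SHA256 = 2
_HASHES = {DIGEST_SHA1: hashlib.sha1, DIGEST_SHA256: hashlib.sha256}


@dataclass(frozen=True)
class DNSKEY:
    flags: int
    protocol: int
    algorithm: int
    public_key: bytes  # raw public key field; contents are a constructed sample below

    def rdata(self) -> bytes:
        # RFC 4034 section 2.1 wire layout: flags(2) protocol(1) algorithm(1) key(n)
        return struct.pack("!HBB", self.flags, self.protocol, self.algorithm) + self.public_key

    def key_tag(self) -> int:
        # RFC 4034 Appendix B, the general (non-RSA/MD5) key tag computation.
        acc = 0
        for i, b in enumerate(self.rdata()):
            acc += b if i & 1 else b << 8
        acc += (acc >> 16) & 0xFFFF
        return acc & 0xFFFF


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int
    digest_type: int
    digest: bytes


def owner_wire(name: str) -> bytes:
    """Canonical (lowercase, uncompressed) wire form of an owner name."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def make_ds(name: str, key: DNSKEY, digest_type: int) -> DS:
    """Build the DS record a parent zone would publish for this DNSKEY."""
    digest = _HASHES[digest_type](owner_wire(name) + key.rdata()).digest()
    return DS(key.key_tag(), key.algorithm, digest_type, digest)


def usable_ds(ds_rrset) -> list:
    """RFC 4509 rule as quoted above: ignore SHA-1 DS RRs when a SHA-256 DS RR exists."""
    if any(ds.digest_type == DIGEST_SHA256 for ds in ds_rrset):
        return [ds for ds in ds_rrset if ds.digest_type != DIGEST_SHA1]
    return list(ds_rrset)


def ds_matches(ds: DS, name: str, key: DNSKEY) -> bool:
    """True if this DS record authenticates this DNSKEY (RFC 4034 section 5.2)."""
    h = _HASHES.get(ds.digest_type)
    if h is None:  # unknown digest type: treat as unusable, not as a match
        return False
    if ds.key_tag != key.key_tag() or ds.algorithm != key.algorithm:
        return False
    expected = h(owner_wire(name) + key.rdata()).digest()
    return hmac.compare_digest(expected, ds.digest)


def authenticated_keys(name: str, ds_rrset, dnskey_rrset) -> list:
    """DNSKEYs a validator may trust: those matched by a DS that survived usable_ds()."""
    allowed = usable_ds(ds_rrset)
    return [k for k in dnskey_rrset if any(ds_matches(ds, name, k) for ds in allowed)]


# Constructed sample: a KSK for example.com. with placeholder key bytes.
SAMPLE_NAME = "example.com."
SAMPLE_KSK = DNSKEY(flags=257, protocol=3, algorithm=8, public_key=bytes(range(32)))
SAMPLE_DS_SHA1 = make_ds(SAMPLE_NAME, SAMPLE_KSK, DIGEST_SHA1)
SAMPLE_DS_SHA256 = make_ds(SAMPLE_NAME, SAMPLE_KSK, DIGEST_SHA256)

if __name__ == "__main__":
    # With both digests published, only the SHA-256 DS is consulted.
    print([ds.digest_type for ds in usable_ds([SAMPLE_DS_SHA1, SAMPLE_DS_SHA256])])
    print(len(authenticated_keys(SAMPLE_NAME, [SAMPLE_DS_SHA1, SAMPLE_DS_SHA256], [SAMPLE_KSK])))
```

Because the filter runs over the DS RRset before any DNSKEY matching, a second key that is covered only by a SHA-1 DS is rejected whenever the RRset also carries a SHA-256 DS for some key, which is exactly the behaviour that would make a validator fail on a zone whose SHA-256 DS does not actually match the signing key.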
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users