On Mon, Feb 16, 2015 at 11:26:00PM +0530, Mukund Sivaraman wrote:
> On Mon, Feb 16, 2015 at 11:19:51PM +0530, Mukund Sivaraman wrote:
> > But while RFC 4509 sec. 6 talks about this issue in the case of DS with
> > SHA-2 algorithms, there is no requirement there.
>
> There is this nugget here:
>
> > Implementations MUST support the use of the SHA-256 algorithm in DS
> > RRs. Validator implementations SHOULD ignore DS RRs containing SHA-1
> > digests if DS RRs with SHA-256 digests are present in the DS RRset.
>
> Perhaps this is why Unbound fails validation.
>
> We should discuss this in the BIND context. Immediately upon reading
> this, I thought this probably means "SHOULD ignore authentication chains
> through SHA-1 if an authentication chain through SHA-256 exists." But
> that invites downgrade attacks.
UGH, that's the DS digest, not algorithm. This is no bug in BIND. I'm sorry.

Mukund
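The RFC 4509 rule quoted above is applied per DS RRset and per DS digest type, not per signing-algorithm chain. As an added illustration (not code from this thread, from BIND or from Unbound), the following Python builds the DS digests for a constructed DNSKEY per RFC 4034 sec. 5.1.4 and then applies the "ignore SHA-1 DS if a SHA-256 DS is present" rule; the owner name, key bytes and algorithm number are made up for the example.

```python
import hashlib
import struct

# DS digest type codes (RFC 4034 / RFC 4509).
DS_DIGEST_SHA1 = 1
DS_DIGEST_SHA256 = 2

def canonical_name(name: str) -> bytes:
    """Owner name in canonical wire form (RFC 4034 sec. 6.2): lowercased labels."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA: flags | protocol | algorithm | public key (RFC 4034 sec. 2.1)."""
    return struct.pack("!HBB", flags, protocol, algorithm) + pubkey

def key_tag(rdata: bytes) -> int:
    """Key tag over the DNSKEY RDATA (RFC 4034 Appendix B)."""
    acc = 0
    for i, b in enumerate(rdata):
        acc += b if i & 1 else b << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def make_ds(owner, flags, protocol, algorithm, pubkey, digest_type):
    """DS = (key tag, algorithm, digest type, hash(owner name | DNSKEY RDATA))."""
    rdata = dnskey_rdata(flags, protocol, algorithm, pubkey)
    hfn = {DS_DIGEST_SHA1: hashlib.sha1, DS_DIGEST_SHA256: hashlib.sha256}[digest_type]
    return (key_tag(rdata), algorithm, digest_type, hfn(canonical_name(owner) + rdata).digest())

def usable_ds(ds_rrset):
    """RFC 4509 sec. 3: if any DS in the RRset carries a SHA-256 digest, a validator
    SHOULD ignore the DS RRs with SHA-1 digests; otherwise the RRset is used as is."""
    if any(ds[2] == DS_DIGEST_SHA256 for ds in ds_rrset):
        return [ds for ds in ds_rrset if ds[2] != DS_DIGEST_SHA1]
    return list(ds_rrset)

# Constructed sample: a fake KSK (flags 257, algorithm 8) for "example." with
# one DS per digest type, as a parent might publish during a SHA-1 to SHA-256 move.
FAKE_PUBKEY = b"\x03\x01\x00\x01" + bytes(range(32))
DS_RRSET = [
    make_ds("Example.", 257, 3, 8, FAKE_PUBKEY, DS_DIGEST_SHA1),
    make_ds("Example.", 257, 3, 8, FAKE_PUBKEY, DS_DIGEST_SHA256),
]

if __name__ == "__main__":
    for tag, alg, dtype, digest in usable_ds(DS_RRSET):
        print(f"example. DS {tag} {alg} {dtype} {digest.hex()}")
```

Run as a script it prints only the SHA-256 DS; with a SHA-1-only RRset the SHA-1 DS is kept, since the rule only drops SHA-1 when a stronger digest is present alongside it.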