On Mon, Feb 16, 2015 at 05:34:53PM +0100, Stephane Bortzmeyer wrote: > ;; ANSWER SECTION: > cepn.asso.fr. 171998 IN DS 36778 5 2 ( > D21FC827CF4621DF88D06A8F6EA5F4B4DE72A362AB2E > 03D440C315A9D8FE1407 ) > cepn.asso.fr. 171998 IN DS 13585 8 2 ( > AB057D7A9BBDB721EBD33FC64F3C6CC53D9020D12F18 > BCEFC696494C9F9D6111 )
It's still not clear whether one should be preferred over the other in
the case:
1. DS RR algorithm=RSASHA1, digest=SHA-1
2. DS RR algorithm=RSASHA256, digest=SHA-256
But in the case of the DS RRs of cepn.assoc.fr. above, both are SHA-256
digests. So there's an authentication chain through alg=5 digest=2.
Mukund
pgpmeBfUDLHSU.pgp
Description: PGP signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
