Thanks! That was the response I was looking for. Much appreciated! -- Ondřej Surý (He/Him) ond...@isc.org
> On 11. 2. 2021, at 9:03, stuart@registry.godaddy wrote: > > Good to know. > > Will attach a task to the next our next KSK roll process. Should halve the > number of SHA1 DS's in the root. > > Will also tweak some of our other DNSSEC process documentation to stop > providing them. > > Stuart > > On 11/2/21, 6:49 pm, "bind-users on behalf of Ondřej Surý" > <bind-users-boun...@lists.isc.org on behalf of ond...@isc.org> wrote: > > Notice: This email is from an external sender. > > > >> On 11. 2. 2021, at 7:01, Stuart@registry.godaddy wrote: >> >> It's one of those old compatibility things. > > Also called *downgrade attack vector*. > > Stuart, there’s absolutely no reason to keep any SHA1 in the DNS at the > time I am writing this message. > > Cheers, > Ondrej > -- > Ondřej Surý (He/Him) > ond...@isc.org > > >
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
