Anand Buddhdev <ana...@ripe.net> writes: > The zone is correctly signed, but with RSASHA1, which is not > recommended. You may be on a Linux distro whose openssl disables old > algorithms like RSASHA1, and so BIND will not be able to validate this zone.
Doesn't that violate a MUST in RFC 8624? Mostly curious - I understand the challenges depending on system library support... Bjørn -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
