I have a question regarding multiple signings. I’ve seen some domains sign with multiple algorithms (8 and 13 specifically).
How does a validating resolver choose which signature to use. First available? Stronger crypto? Both have to be valid through the chain? Random? Than --- Eric Germann ekgermann(at)semperen(dot)com || ekgermann(at)gmail(dot)com LinkedIn: https://www.linkedin.com/in/ericgermann Twitter: @ekgermann GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1 Telegram||Signal +1(dash)419(dash)513(dash)0712
_______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
