-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/17/2010 05:37 PM, Paul Wouters wrote: >>>> 5.3. NSEC3 parameters >>>> >>>> The NSEC3 hashing includes the FQDN in its uncompressed form. This >>> >>> "over its uncompressed form"? The hash does not 'include' it. >> >> I overlooked this when I copied the text from P.W. who originally >> supplied it :-) >> >> How about "hashing algorithm is performed on the FQDN ..." > > Works for me.
Does not work for me, because the salt is also included in the hash, the old text was technically true because the buffer that is hashed has the FQDN as a substring. Can the line be removed? Otherwise, change active vs passive: The uncompressed FQDN is used for the NSEC3 hash. Best regards, Wouter -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkt8IG0ACgkQkDLqNwOhpPgxIgCfQTMxa2SVQi/9McXVeRYszMQm L8YAnRWH9UCHyIu09bnVO98xbkU/MW+M =y4LW -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
