On Wed, Mar 23, 2022 at 9:22 AM Petr Menšík <pemen...@redhat.com> wrote:
> Because NSEC3 algorithm still does not have any alternative to SHA-1, hard
> crypto failure would be a blocker for any of our DNS products. I haven't heard
> about it even being considered this way.
>

I think this is a relatively common misconception. (I recently discovered that I also misunderstood the situation.)

The first couple of algorithms specifically meant for NSEC3 use were basically duplicates of algorithms that were NSEC-only, with new algorithm numbers. As I understand it, this was to ensure interoperability, in part due to earlier implementations which would not be aware of NSEC3. The new algorithms were a way of ensuring only updated software (which could be guaranteed based on the algorithms being "new") would be expected to understand (i.e. validate) NSEC3.

After that point, all new algorithms are both NSEC and NSEC3.

I believe that means you should be free to update to newer algorithms. I would recommend both using Algorithm 13, and potentially moving away from NSEC3 unless you have a strong reason for using it.

Or are you talking about what algorithms your software supports, in which case this should be simple enough (to allow NSEC3 on newer algorithms).

Brian
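The distinction Brian draws, as an added example that is not part of the thread: a small Python implementation of the RFC 5155 hashed owner-name computation, in which the NSEC3 hash algorithm (only SHA-1 is registered) and the DNSKEY signing algorithm are separate inputs. The NSEC3-capable algorithm set follows the IANA DNSKEY algorithm registry; the salt and iteration count are the RFC 5155 Appendix A values, and `nsec3_owner` is a name chosen here.

```python
import base64
import hashlib

# DNSKEY algorithm numbers usable in an NSEC3 zone (IANA registry "NSEC3" column).
# 1 (RSAMD5), 3 (DSA) and 5 (RSASHA1) predate RFC 5155 and are NSEC-only;
# 6 and 7 are the NSEC3 aliases of 3 and 5 that the email describes;
# 8 (RSASHA256) onward, including 13 (ECDSAP256SHA256), are defined for both.
NSEC3_CAPABLE_DNSKEY_ALGS = {6, 7, 8, 10, 12, 13, 14, 15, 16}

_B32_STD = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
_B32_HEX = "0123456789ABCDEFGHIJKLMNOPQRSTUV"
_TO_B32HEX = str.maketrans(_B32_STD, _B32_HEX)


def name_to_wire(name: str) -> bytes:
    """Canonical (lowercase) wire form of an owner name, root label included."""
    labels = [lbl for lbl in name.lower().rstrip(".").split(".") if lbl]
    return b"".join(bytes([len(lbl)]) + lbl.encode("ascii") for lbl in labels) + b"\x00"


def nsec3_hash(name: str, salt_hex: str, iterations: int) -> str:
    """RFC 5155 section 5: IH(salt, x, 0) = H(x || salt),
    IH(salt, x, k) = H(IH(salt, x, k-1) || salt). Only NSEC3 hash algorithm 1
    (SHA-1) exists, so SHA-1 is hard-coded; the DNSKEY algorithm is not involved."""
    salt = b"" if salt_hex == "-" else bytes.fromhex(salt_hex)
    digest = hashlib.sha1(name_to_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    # 20-byte digest -> 32 chars of Base32hex (RFC 4648 extended hex), no padding.
    return base64.b32encode(digest).decode("ascii").translate(_TO_B32HEX).lower()


def nsec3_owner(name: str, zone: str, dnskey_alg: int, salt_hex: str, iterations: int) -> str:
    """Hashed owner name for `name` in `zone`. The DNSKEY algorithm is only checked
    for NSEC3 capability; it plays no part in the hash value itself."""
    if dnskey_alg not in NSEC3_CAPABLE_DNSKEY_ALGS:
        raise ValueError(f"DNSKEY algorithm {dnskey_alg} is NSEC-only; it cannot sign an NSEC3 zone")
    return f"{nsec3_hash(name, salt_hex, iterations)}.{zone.rstrip('.')}."


if __name__ == "__main__":
    # Salt and iteration count from RFC 5155 Appendix A; algorithm 13 as Brian recommends.
    print(nsec3_owner("example", "example", 13, "aabbccdd", 12))
```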
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop