On Tue, 30 Apr 2024, Mark Andrews wrote:
They DO NOT disable SHA1. They disable RSASHA1. The distinction is important. NSEC3 works fine on them.
There were issues with NSEC3's use of SHA1 as well. I am failing to find the reports on this now unfortunately. Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
