Dear Folks,
On 23/02/23 10:00 +1100, Nick Urbanik via Opendnssec-user wrote:
I want to
...
disable salting in NSEC3, and have one iteration only of hashing.
<Denial>
<NSEC3>
<Resalt>PT0S</Resalt>
<Hash>
<Algorithm>1</Algorithm>
<Iterations>1</Iterations>
<Salt length="0"/>
</Hash>
</NSEC3>
</Denial>
However, it does not like the value I gave for Resalt. How do you
express that you want no salt in your NSEC3 records?
I changed Iterations to 0.
I changed Resalt to <Resalt>P2000D</Resalt>. Is that how to implement
the recommendations of RFC 9276?
--
Nick Urbanik http://nicku.org ni...@nicku.org
GPG: 7FFA CDC7 5A77 0558 DC7A 790A 16DF EC5B BB9D 2C24 ID: BB9D2C24
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
