Re: [Opendnssec-user] Adhering to RFC 9276 Sec. 3.1

Antonio Prado via Opendnssec-user Fri, 25 Oct 2024 11:52:35 -0700

On 10/25/24 3:45 PM, Bruno Blanes via Opendnssec-user wrote:

I’ve been trying to set OpenDNSSEC to generate the NSEC3 parameter with an empty salt and zero iterations (as per RFC 9276 Sec. 3.1), but to no avail. I have tried setting <Iterations> to zero as well as <Salt> length parameter, but couldn’t get it working.
Could some kind angel help me out here, please?


hi,

<NSEC3>
       <Hash>
         <Algorithm>1</Algorithm>
         <Iterations>0</Iterations>
         <Salt length="0"/>
       </Hash>
</NSEC3>

then apply the policy and wait
--
antonio

OpenPGP_signature.asc
Description: OpenPGP digital signature

_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user

Re: [Opendnssec-user] Adhering to RFC 9276 Sec. 3.1

Reply via email to