Re: [dns-operations] [Ext] Re: .RU zone failed ZSK rotation

2024-02-08 Thread Edward Lewis
On 2/8/24, 10:40, "dns-operations on behalf of Viktor Dukhovni" wrote:

The chances of a remotely possible event happening is 100% once it happens. So long as a hash is shorter than the data it covers, there's a chance there will be a collision. Just a general statement.

>There is no i

Re: [dns-operations] [Ext] Re: .RU zone failed ZSK rotation

2024-02-08 Thread Viktor Dukhovni
On Thu, Feb 08, 2024 at 12:24:08PM +, Edward Lewis wrote:

> Between non-unique key tags and the possibility of hash collisions,
> it's possible two DS resource records could share either a key tag or
> a hash representing different keys. From this, I wish we hadn't
> defined the key tag fiel

Re: [dns-operations] [Ext] Re: .RU zone failed ZSK rotation

2024-02-08 Thread Edward Lewis
Very interesting. There have been two cases since 2011 of a TLD having two published DNSKEY resource records sharing the same key_tag. The first in 2018/2019 involved a TLD having a KSK and ZSK share. I didn't notice while it was happening, but found it when testing some code I have to visual