[nsd-users] DS algorithm as mnemonic
matthijs at nlnetlabs.nl
Tue Feb 28 11:00:23 CET 2012
-----BEGIN PGP SIGNED MESSAGE-----
This is correct. NSD only had up to RSASHA1 in its dns algorithm
table. Newer algorithms were never added due to backwards
However, we could allow newer mnemonics when reading in a zone (more
user friendly), and when writing always print the unsigned integer
value (more consistent, backwards compatible).
On 02/27/2012 07:10 PM, Miek Gieben wrote:
> I'm playing a little with NSD. The setup I have is that NSD is
> configured as a slave. I've used 'nsdc patch' to write a zone
> I'm looking at this file right now and DS records with algorithm 5
> are written like:
> IN DS 10240 RSASHA1 2 <hash>
> In stead of:
> IN DS 10240 5 2 <hash>
> Other DS records with algorithms 7 and 8 are correct.
> A little test show that BIND9 can at least read such a zone, but
> it seems a little inconsistent.
> Can someone verify this?
> _______________________________________________ nsd-users mailing
> list nsd-users at NLnetLabs.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the nsd-users