[nsd-users] NSD 3.2.11 with TLSA and ECDSA

Matthijs Mekking matthijs at nlnetlabs.nl
Mon Jul 16 12:13:01 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/13/2012 03:45 PM, Stephane Bortzmeyer wrote:
> On Mon, Jul 09, 2012 at 11:29:21AM +0200, Matthijs Mekking
> <matthijs at NLnetLabs.nl> wrote a message of 66 lines which said:
> 
>> - - Allow for reading in new DNSKEY algorithm mnemonics
>> (RFC5155, RFC5702, RFC5933, and RFC6605 (ECDSA)).
> 
> I'm confused. Does it mean it can serve a zone signed with GOST or 
> ECDSA? Or just that it can load a zone with GOST or ECDSA DNSKEYs?
> 

Both: It can read DNSKEYs and RRSIGs created with those algorithms.
For DNSKEYs you can use the aliases as assigned by IANA.

http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xml

Best regards,
  Matthijs

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJQBAVNAAoJEA8yVCPsQCW5lbQH/jM1ySDWfr5LxNZOr2nL32WS
6Pe2FZEMXnJUVm87RxZw3PhXPHQk1Oq5VXK61cimx9AOYbOau367b1KSYCyU1cX8
AqU+ND5FKDbuiUWIWFEOFY6wWqIRb2Qkel7Cla83nUBF2M4/C50cmMcvngihQ4Cm
BUGBDVJE/qZivO2l4wtiNR5tgJJj7gNM5JkW6nCjRhT2KRV3W7OKpBc9LTK4ENKF
/q5WRyIzl5B+n0L49e2J0pqzpoY1nYp0pXBwi1+gvUW0BKjeMiI7utHwStdsUS04
k59YzmdTnoMv8bV7bk2I9x5+G+cWfDq315jmfC52rr1V9aY4Yq4Rc/l1tZNHlhs=
=Aba5
-----END PGP SIGNATURE-----



More information about the nsd-users mailing list