Possibly questionable security decisions in DNS root management

John Gilmore gnu at toad.com
Tue Oct 20 17:44:48 EDT 2009

> ts a fun story, but... RFC 4034 says RSA/SHA1 is mandatory and DSA is
> optional.

I was looking at RFC 2536 from March 1999, which says "Implementation
of DSA is mandatory for DNS security." (Page 2.)  I guess by March 2005
(RFC 4034), something closer to sanity had prevailed.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list