Follow

RT @VDukhovni@twitter.com

It is time to move off DNSSEC algorithms 5 and 7, to 8 or preferably 13 (10 is also fine, but not widely used).

mailarchive.ietf.org/arch/msg/

The recent chosen-prefix attacks on SHA-1 make algorithms 5 and 7 fragile when some zone data is from outside parties.

🐦🔗: twitter.com/VDukhovni/status/1

· Mastodon Twitter Crossposter · 0 · 0 · 0
Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!