20 Kvě
2018
20 Kvě
'18
0:26
Thanks for the fast answer. You are right!
Vladimír Čunát <vladimir.cunat(a)nic.cz> hat am
20. Mai 2018 um 00:16 geschrieben:
On 05/19/2018 11:50 PM, dptrash(a)arcor.de mailto:dptrash@arcor.de wrote:
I am using ecdsap256sha256 as algorithm. Why does
the KSK DNSKEY > (=257) use as digest type SHA1 (=1) and not SHA256 (=2)?
Technically, the DNSKEY algorithm is independent of the DS algorithm used on it, I
believe, though some combinations make less sense than others. Your example seems more of
a question for jdnssec-tools - why they choose SHA1 and not another one.
--Vladimir