Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add DNSKEY Algorithm #39

Open
Tributh opened this issue Jul 11, 2018 · 1 comment
Open

Add DNSKEY Algorithm #39

Tributh opened this issue Jul 11, 2018 · 1 comment

Comments

@Tributh
Copy link

Tributh commented Jul 11, 2018

There could be a hint if the Algorithm of the configured DNSKEY is for example not recommend.

like:
RFC 4034 B.1
Algorithm 1 (RSA/MD5)
Please note that Algorithm 1 is NOT RECOMMENDED.

Torsten
@Tributh
Copy link
Author

Tributh commented Dec 15, 2018

For security and performance reasons a lot of implementations are moving from RSA to ECDSA or direct to ed25519.
This should also be mentioned to DNSKEY's.
Can you add on one site the DNSKEY in your DNS section and also the Algorithm used in the dnssec part?
Maybe with the information which older DS/DNSKEY algorithms should be updated to something more secure?
Would be nice to show that information to different domain owners who have no clue and not any tool to see that for themselves.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Tributh