[dns-operations] .edu domain algorithm recommendation

Sue True bloomingtonian at gmail.com
Mon Aug 16 21:00:11 UTC 2010

I wonder what's the algorithm to use to generate keys? We have several top 
level .edu domains which are ready to get signed, I want to make sure the 
right algorithm is used, while check some of the singed .edu zones, the 
algorithms used are different, for example:

internet2.edu: 7 RSASHA1-NSEC3-SHA1
lsu.edu      : 8 RSA/SHA-256
penn.edu     : 5 RSA/SHA-1

I am thinking to use Algorithm 7 to generate the keys, but on section 2.2 
of this draft:


7 and 8 are both RECOMMENDED, only 5 is REQUIRED, is it safe to use just 
algorithm 7, and not 5?

The Quickstart guide for .gov Zone seems to think that it's okay to use 7 



More information about the dns-operations mailing list