[dns-operations] .edu domain algorithm recommendation
Sue True
bloomingtonian at gmail.com
Mon Aug 16 21:00:11 UTC 2010
I wonder what's the algorithm to use to generate keys? We have several top
level .edu domains which are ready to get signed, I want to make sure the
right algorithm is used, while check some of the singed .edu zones, the
algorithms used are different, for example:
internet2.edu: 7 RSASHA1-NSEC3-SHA1
lsu.edu : 8 RSA/SHA-256
penn.edu : 5 RSA/SHA-1
I am thinking to use Algorithm 7 to generate the keys, but on section 2.2
of this draft:
http://tools.ietf.org/html/draft-ietf-dnsext-dnssec-registry-fixes-06
7 and 8 are both RECOMMENDED, only 5 is REQUIRED, is it safe to use just
algorithm 7, and not 5?
The Quickstart guide for .gov Zone seems to think that it's okay to use 7
alone.
Thanks!
Sue
More information about the dns-operations
mailing list