[dns-operations] Surprisingly large cluster of domains sharing the same pair of 512-bit ZSKs and some more RSA key oddities
Jeremy L. Gaddis
lists-dns-operations at gadd.is
Tue Oct 31 23:52:53 UTC 2017
On Mon, Oct 30, 2017 at 02:15:48PM EDT, Viktor Dukhovni wrote:
> I think that key generation utilities should, in the absence of some sort
> of "force" option, refuse to unusual keys. At present that means:
>
> * exponent is unconditionally 65535 (F_4)
Note that F_4 is actually 65537.
--
Jeremy L. Gaddis
More information about the dns-operations
mailing list