[dns-operations] suggested DNSKEY type
Phil Pennock
dnsop+phil at spodhuis.org
Tue Mar 27 22:17:43 UTC 2018
On 2018-03-27 at 12:22 +0200, A. Schulze wrote:
> - type 13 / ECDSAP256SHA256
>
> opinions?
CloudFlare is exclusively type 13. IMO, CloudFlare is to DNSSEC signing
as Gmail is to email: they handle so many domains that breakage with
them is effectively indistinguishable from the protocols being broken.
That's the rationale upon which I picked 13 for exim.org.
Stick to what the big players use and other people will debug interop
and file bugs and open pull-requests for you. :)
-Phil
More information about the dns-operations
mailing list