[dns-operations] .ORG still using SHA-1 DNSKEYs

Joe Abley jabley at hopcount.ca
Wed Feb 5 17:05:41 UTC 2020


Hi Viktor,

On Tue, 4 Feb 2020 at 21:05, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:

> Anyone know whom at PIR to nag?  I see that .ORG are still using
> RSA-SHA1 DNSKEYs:
>
>     org. IN DS 9795 7 2
> 3922b31b6f3a4ea92b19eb7b52120f031fd8e05ff0b03bafcf9f891bfe7ff8e5
>     org. IN DS 9795 7 1 364dfab3daf254cab477b5675b10766ddaa24982
>

We (PIR) are currently discussing a timeline for implementing changes with
Afilias, who run all the back-end registry systems for ORG. Algorithm 8 or
13 both seem like plausible targets, but opinions from the community would
be very welcome.


Joe

>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200205/c943494f/attachment.html>


More information about the dns-operations mailing list