[dns-operations] SHA-1 and DNSSEC validation
dot at dotat.at
Fri Feb 14 17:29:58 UTC 2020
I've posted a follow-up to my article last month about SHA-1 chosen prefix
collisions and DNSSEC. This discusses DNSSEC validation:
DNSSEC validators should continue to treat SHA-1 signatures as secure
until DNSSEC signers have had enough time to perform algorithm rollovers
and eliminate SHA-1 from the vast majority of signed zones.
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Viking, North Utsire, South Utsire, Forties, Cromarty: Southerly 6 to gale 8,
occasionally severe gale 9 except in South Utsire, veering southwesterly 4 to
6 for a time. Rough or very rough, occasionally moderate. Rain or showers.
Good, occasionally poor.
More information about the dns-operations