[dns-operations] Evaluation of NSEC3-encloser attack
Ondřej Surý
ondrej at sury.org
Wed Mar 27 09:16:40 UTC 2024
> On 25. 3. 2024, at 20:17, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
>
> I do hope that, as a community, we'll continue to steadily streamline
> acceptable NSEC3 parameters (per RFC9276) down to 0 additional
> iterations and short enough salt values (that don't result in additional
> SHA-1 input blocks).
Amen to that!
Ondřej
--
Ondřej Surý (He/Him)
More information about the dns-operations
mailing list