[dns-operations] Evaluation of NSEC3-encloser attack

Ondřej Surý ondrej at sury.org
Wed Mar 27 09:16:40 UTC 2024

> On 25. 3. 2024, at 20:17, Viktor Dukhovni <ietf-dane at dukhovni.org> wrote:
> I do hope that, as a community, we'll continue to steadily streamline
> acceptable NSEC3 parameters (per RFC9276) down to 0 additional
> iterations and short enough salt values (that don't result in additional
> SHA-1 input blocks).

Amen to that!

Ondřej Surý (He/Him)

More information about the dns-operations mailing list