[ldns-users] ldns-key2ds output uses wrong value for alg, and gets sha256 wrong
Paul Wouters
paul at xelerance.com
Tue Aug 7 05:08:11 UTC 2007
On Tue, 7 Aug 2007, Paul Wouters wrote:
ldns-key2ds outputs:
dnsx.xelerance.com 3600 IN DS 10732 RSASHA1 1 dabf2dacf174d2f89b9c3d64e036a7c97b880c13
While this should be, according to RFC3658 section 2.4 and 2.5 I believe this should be (though
that could have been written down a lot better):
dnsx.xelerance.com 3600 IN DS 10732 5 1 dabf2dacf174d2f89b9c3d64e036a7c97b880c13
Also, the output of ldns-key2ds -1 and ldns-key2ds -2 is identical, so it looks like the -2
option actually doesn't create a sha256 hash, but a sha1 hash.
Paul
More information about the ldns-users
mailing list