[nsd-users] NSD and OpenSSL
W.C.A. Wijngaards
wouter at nlnetlabs.nl
Mon Aug 10 09:34:11 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi Antti,
On 10/08/15 11:25, Antti Ristimäki wrote:
> Hi,
>
> On 2015-08-10 10:46, W.C.A. Wijngaards wrote:
>> For DNSSEC algoritms, NSD does not need library support to serve
>> the correct DNSSEC signatures to clients.
>
> I wonder if it needs the library support for serving NSEC3 signed
> zones, though?
Yes for SHA1_Init(), SHA1_Update(), SHA1_Final() calls. LibreSSL and
OpenSSL provide it in their API.
The authority server has to calculate the nsec3 hash of domain names.
That is why the sha1 functions are used.
Best regards,
Wouter
>
> Antti
>
>
>
> _______________________________________________ nsd-users mailing
> list nsd-users at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJVyHATAAoJEJ9vHC1+BF+NO00QAJGvua4w387K9A6g4xjzHs9Z
msgl2oudZwvxeSUW88OYfhfsdPtsaHAIB6nHgAcNyefScsyqMdD1WsY19B8XeDSa
qhiPZEDGEuI9H3P2qhuBNvovZicnfqKlggMPZf7ib01BxdMiA2O1wT6QH1DYjlCF
oWZG++KpqIBWzDz11INc3D6PjDgOVDvcSPFGvG1DnlA6i+aFKiS8x2NLjZFDi9Ac
kI6y8ExNxCAePjbGGQmCGsqrC9FdEjYD/cTnwlHlcD/XrvBZpc6oNTrMqFltJb1h
G2LfTk2FeHIbf7c9YGOTMR43XH1btLR47YCPT1o3KZjGD5ph0u9XgEi/adpdKCuS
hYhfPQ1WXZDGbAWrWHnlYNkPQX5Fr+JWe5vBHe8YPuCbjuhBIswdfEjCx+h/bbR7
Tf8M5mYzOeXznq1MtAmgUQ6hxeFFSaMxHA3J+dctO9UCk++ORUxBIEOdVXija1sM
j6+AyHL6vjSSCc/AuOLKywwON69zY59OsbMTC48tp2ID9vm9xFGoi3P/EuFV92ih
KZChWgJH8FtWaP7VxvMll7djKoAuEi5dNUr24RhzDfqgIIF5jYt2NF88pcBgM9c9
b6vfPc57tKdXwsVncGixqziKd79TuwUbOnvszdVN1PVMxW66ILTxSzxHhtEwWQMk
lVLC72Ttqn2+AnDq3P0v
=+SKr
-----END PGP SIGNATURE-----
More information about the nsd-users
mailing list