[Unbound-users] Unbound 1.4.7 release
paul at xelerance.com
Tue Nov 9 15:37:46 UTC 2010
On Tue, 9 Nov 2010, lst_hoe02 at kwsoft.de wrote:
> Is GOST a supported cipher for DNSSEC or will it be some time in the future?
It's fully suported in the RFC's includig its algorithm number.
> As far as i can see it is only available in openssl 1.x or newer and for the
> next few years this will probably not be the standard on Unix. So most of us
> have to use "--disable-gost" anyway...
I have not yet packaged things up, but I assume there is detection in ./configure
Red Hat strips out all ECC related routines in openssl, so even on rhel/centos 6
there will be no gost if using the stock openssl package. I'm looking at seeing
if it is possible to add a sub package (openssl-gost) that just has the gost
engine, but that will require some time to see how compatible that is with the
"stripping" used in Red Hat.
More information about the Unbound-users