[Unbound-users] MD5 status deprecated by RFC6725
Ray.Bellis at nominet.org.uk
Tue Sep 4 12:40:33 UTC 2012
On 31 Aug 2012, at 09:56, W.C.A. Wijngaards <wouter at NLnetLabs.nl> wrote:
> Are there other arguments we should take into consideration?
Yes. As I understand it there is _zero_ evidence that MD5 is insecure when used as a digest in DNSSEC.
IMHO, this option should be a configurable _policy_ decision, and for now it should default to the conservative "accept" position.
More information about the Unbound-users