Unbound 1.11.0 FIPS mode issue

Florian Weimer fw at deneb.enyo.de
Sun May 2 17:05:45 UTC 2021


* Tuomo Soini via Unbound-users:

> On Fri, 30 Apr 2021 15:30:35 +0000
> "Mohammad Rafiq -X \(mohrafiq - HCL TECHNOLOGIES LIMITED at Cisco\) via
> Unbound-users" <unbound-users at lists.nlnetlabs.nl> wrote:
>
>> We appreciate any inputs on how we can verify 1024 key sizes
>> signature verification in FIPS mode. Thanks,
>> rafiq
>
> Afaik you can't. 1024 bit keys are not permitted by FIPS.

But shouldn't the result be insecure, and not bogus in this case?


More information about the Unbound-users mailing list