Amir Haris Ahmad
amir at lt.my
Wed Oct 7 21:41:51 EDT 2009
Hi and good day.
Actually I got a few questions regarding DNSSEC.
1. I already done doing experiment with NSEC3RSASHA1(7) algorithm. If i'm
using the said algorithm, is it i'm already using NSEC3? Because with that
algorithm, my signed zone is using algorithm 7 and still show NSEC.
2. If I'm as a parents using NSEC3RSASHA1, so my childs need to use the same
algorithm? As i was testing with nsupdate, which the children need to use
the same algorithm in order do send DS nsupdate.
3. How about the root server? which algorithm will be used? Let say the root
servers are using RSASHA1, thus the other TLD need to use the same
Actually I'm from .my domain registry.
Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dnssec-deployment