Signing algorithms for rndc

Chris Thompson cet1 at
Mon Apr 27 20:15:34 UTC 2009

It seems that even in the most recent versions of BIND, rndc supports
only the hmac-md5 algorithm. Given that MD5 is being deprecated all over 
the place (I am thinking of draft-ietf-dnsext-tsig-md5-deprecated-02
in particular), is this wise?

Chris Thompson
Email: cet1 at

More information about the bind-users mailing list