Slow zone signing with ECDSA
Daniel Stirnimann
daniel.stirnimann at switch.ch
Thu Apr 20 11:49:13 UTC 2017
>> DSA requires random values as part of the signing process.
>
> Traditionally, yes, but it isn't actually required -
> https://tools.ietf.org/html/rfc6979
This is only implemented in openssl 1.1.0:
https://github.com/openssl/openssl/commit/190c615d4398cc6c8b61eb7881d7409314529a75
As I've read today BIND 9.11.1 can be used with openssl 1.1.0
Daniel
--
SWITCH
Daniel Stirnimann, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 24
daniel.stirnimann at switch.ch, http://www.switch.ch
More information about the bind-users
mailing list