DNSSEC algorithms
Josef Moellers
jmoellers at suse.de
Thu Jul 8 09:51:32 UTC 2021
Hi,
me again.
I'm a bit confused: genDDNSkey (or dnssec-keygen for that matter)
apparently generates keys using "rsasha512" as the algorithm but bind
and its utilities do not know this, they *only* know hmac-* algorithms.
If I generate a key using genDDNSkey and then include it into
"/etc/named.conf", then named (or named-checkconf) chokes on this key
and refuses to start.
So, as far as I see this:
* genDDNSkey can only generate keys using algorithms named does not know and
* named only knows algorithms in keys that genDDNSkey cannot generate?
Josef
--
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany
(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer