DNSSEC Best Practices

Eric Germann ekgermann at semperen.com
Tue Apr 27 19:31:28 UTC 2021

Does anyone have a pointer to a good resource for current best practices for deployment of DNSSEC, preferably newer than RFC6781?

What algorithms do you typically sign with (RSASHA256, ECDSAP256SHA256, both, something other)?

Feel free to little r me off list if you wish

Eric Germann
ekgermann (at) semperen.com
LinkedIn: https://www.linkedin.com/in/ericgermann

GPG Fingerprint: 89ED 36B3 515A 211B 6390  60A9 E30D 9B9B 3EBF F1A1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210427/e260401c/attachment.html>

More information about the NANOG mailing list