DNSSEC Best Practices

Mark Tinka mark at tinka.africa
Wed Apr 28 08:43:22 UTC 2021


On 4/27/21 21:31, Eric Germann via NANOG wrote:


> What algorithms do you typically sign with (RSASHA256, 
> ECDSAP256SHA256, both, something other)?

I've been using ECDSAP384SHA384 (14) for a few months now, with no 
problems of note.

I know that ECDSAP256SHA256 (13) is "firmer", but hey :-)...

Mark.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210428/38c39fa7/attachment.html>


More information about the NANOG mailing list