> Hello there folks,
> I've been trying to set OpenDNSSEC to generate the NSEC3
> parameter with an empty salt and zero iterations (as per RFC
> 9276 Sec. 3.1), but to no avail. I have tried setting
> <Iterations> to zero as well as <Salt> length parameter, but
> couldn't get it working.
> Could some kind angel help me out here, please?
We're using
<Denial>
<NSEC3>
<Resalt>P100D</Resalt>
<Hash>
<Algorithm>1</Algorithm>
<Iterations>0</Iterations>
<Salt length="8"/>
</Hash>
</NSEC3>
</Denial>
in kasp.xml.
Admittedly, it doesn't have a salt-length of 0 (should it?), but
at least it uses 0 iterations.
Regards,
- HÃ¥vard
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
