#2633 F35 Change: Disable SHA1 In OpenDNSSec
Closed: Invalid 3 years ago by bcotton. Opened 3 years ago by bcotton.

OpenDNSSec' enforcer has a (deprecated) -sha1 CLI option that brings back the old behavior, e.g. include the SHA1 version of the DS. As SHA1 use is deprecated in favour of SHA256, disable the -sha1 CLI knob so that it only displays a warning.


As it stands, I'm -1 for this.

@pwouters gave feedback that hasn't been addressed by @fcami yet. I don't want to approve this without some kind of response from @fcami on the list.

Metadata Update from @ngompa:
- Issue tagged with: meeting

3 years ago

Tagged for meeting per rules on voting.

I am about to withdraw the change. Apologies for the latency.

Metadata Update from @bcotton:
- Issue close_status updated to: Invalid
- Issue status updated to: Closed (was: Open)

3 years ago

Log in to comment on this ticket.

Metadata