Re: lib/49138: "libdns" cannot use "hmac-sha512" keys

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,tron%zhadum.org.uk@localhost
Subject: Re: lib/49138: "libdns" cannot use "hmac-sha512" keys
From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Date: Mon, 8 Sep 2014 19:30:01 +0000 (UTC)

The following reply was made to PR bin/49138; it has been noted by GNATS.

From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
To: Matthias Scheler <tron%zhadum.org.uk@localhost>
Cc: gnats-bugs%NetBSD.org@localhost
Subject: Re: lib/49138: "libdns" cannot use "hmac-sha512" keys
Date: Mon, 8 Sep 2014 14:25:58 -0500 (CDT)

 On Mon, 8 Sep 2014, Matthias Scheler wrote:

 > However this looks problematic. BIND calls e.g. 
 > "HMAC-SHA512.SIG-ALG.REG.INT" simply "hmac-sha512". It will therefore 
 > not be possible share key files between BIND and DHCPD if such keys 
 > are used.

 I was told that while BIND9 does not like the full name, ISC DHCP will 
 allow you to abbreviate the algorithm name and will treat all three 
 forms of the algorithm name equivalently: HMAC-SHA512, hmac-sha512, and 
 HMAC-SHA512.SIG-ALG.REG.INT. (Both are case insensitive too.)

Prev by Date: PR/49019 CVS commit: [netbsd-7] src/sys/external/bsd/dwc2/dist
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: Re: lib/49138: "libdns" cannot use "hmac-sha512" keys
Next by Thread: Re: bin/49138 ("nsupdate" can no longer use "hmac-sha512" keys)
Indexes:

Home | Main Index | Thread Index | Old Index