ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

[master] change rndc-confgen default algorithm

Browse Source 
this completes change 4785. the CHANGES note has been revised:

4785.	[func]		The hmac-md5 algorithm is no longer recommended for
			use with RNDC keys.  The default in rndc-confgen
			is now hmac-sha256. [RT #42272]
This commit is contained in:
Evan Hunt
2017-10-27 10:56:43 -07:00
parent 959d294067
commit 1d57d460d4
4 changed files with 9 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
doc/arm/notes.xml
View File

@@ -500,11 +500,9 @@
<listitem>
<para>
The use of HMAC-MD5 for RNDC keys is no longer recommended.
For compatibility, this is still the default algorithm generated
by <command>rndc-confgen</command>, but it will print a
warning message. The default algorithm in
<command>rndc-confgen</command> will be changed to HMAC-SHA256
in a future release. [RT #42272]
The default algorithm generated by <command>rndc-confgen</command>,
is now HMAC-256, and a warning message will be printed if
HMAC-MD5 is used. [RT #42272]
</para>
</listitem>
<listitem>