
I know that RFC 5702 documents the use of SHA-2 in DNSSEC, and that RFC 6944 defines RSA/SHA-256 as "recommended to implement." What I'm not aware of is just how widely-implemented SHA-256 is in validating resolvers.

Is it practical to sign Internet zones (those I'm particularly interested in are .org domains) with SHA-256, or am I making my zone unverifiable to large swathes of the DNSSEC-aware Internet?

As a follow-up, can key schedules change with a hash change to keep the same level of security (e.g. can I work around using SHA-1 by having shorter key schedules)?

Calrion

1 Answer


The root zone (aka .) itself is signed with RSA/SHA256 (KSK as well as ZSK are RSA/SHA256).

Thus, a validating resolver that does not support RSA/SHA256 will be mostly useless on the Internet as it wouldn't be able to validate the full chain.

I think it's safe for you to assume that RSA/SHA256 is supported.

http://dnsviz.net/d/org/dnssec/ may provide a useful visualization of the keys in use up to the org zone.

Håkan Lindqvist
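An added example, not part of the question or the answer above and not code by either author: a small Python helper that parses DNSKEY records in the form `dig` prints them, computes the RFC 4034 key tag (the number that lets you match a DNSKEY against the DS record in the parent), and reports, for each zone in a chain, which signature algorithms a validator must support. The sample chain is constructed with toy key material and is not the real root or .org key set; to check the live chain, feed it the output of `dig . DNSKEY` and `dig org. DNSKEY` instead.

```python
"""
DNSKEY inspection helper: parse DNSKEY records in presentation format,
compute RFC 4034 Appendix B key tags, and report which signature
algorithms a validating resolver must support to follow a chain of trust.

All records below are CONSTRUCTED for illustration (3-byte fake key
material); real RSA keys are 1024-2048 bits and these are not root/.org keys.
"""
import base64

# Algorithm numbers from the IANA DNSSEC algorithm registry.
# RFC 5702 registers 8 (RSA/SHA-256) and 10 (RSA/SHA-512);
# RFC 6944 lists 8 as "recommended to implement".
ALGORITHMS = {
    5: "RSASHA1",
    7: "RSASHA1-NSEC3-SHA1",
    8: "RSASHA256",
    10: "RSASHA512",
    13: "ECDSAP256SHA256",
    14: "ECDSAP384SHA384",
    15: "ED25519",
    16: "ED448",
}

SEP_FLAG = 0x0001  # Secure Entry Point bit: set on keys used as KSKs


def key_tag(flags, protocol, algorithm, key_bytes):
    """Key tag per RFC 4034 Appendix B (valid for all algorithms except 1)."""
    rdata = flags.to_bytes(2, "big") + bytes([protocol, algorithm]) + key_bytes
    ac = 0
    for i, b in enumerate(rdata):
        ac += b << 8 if i % 2 == 0 else b  # even offsets are high bytes
    ac += (ac >> 16) & 0xFFFF             # fold the carry back in
    return ac & 0xFFFF


def parse_dnskey(rr_text):
    """Parse 'owner TTL IN DNSKEY flags proto alg base64...' as dig prints it,
    or bare RDATA 'flags proto alg base64...'. dig may split the base64 key
    into several whitespace-separated chunks, so they are re-joined here."""
    tokens = rr_text.split()
    if "DNSKEY" in tokens:
        tokens = tokens[tokens.index("DNSKEY") + 1:]
    flags, protocol, algorithm = (int(t) for t in tokens[:3])
    key_bytes = base64.b64decode("".join(tokens[3:]))
    return {
        "flags": flags,
        "protocol": protocol,
        "algorithm": algorithm,
        "algorithm_name": ALGORITHMS.get(algorithm, f"UNKNOWN({algorithm})"),
        "role": "KSK" if flags & SEP_FLAG else "ZSK",
        "key_tag": key_tag(flags, protocol, algorithm, key_bytes),
    }


def algorithms_required(chain):
    """Given {zone: [DNSKEY RR text, ...]}, return {zone: set of algorithm
    numbers}. A validator needs to support at least one algorithm per zone
    to verify that zone's keys (the parent's DS RRset carries the same numbers)."""
    return {zone: {parse_dnskey(rr)["algorithm"] for rr in rrs}
            for zone, rrs in chain.items()}


def unsupported_zones(chain, supported):
    """Zones whose keys use no algorithm in `supported`: each one is a break
    in the chain, and everything below a broken zone is then unverifiable."""
    return [zone for zone, algs in algorithms_required(chain).items()
            if not (algs & set(supported))]


# CONSTRUCTED sample chain (assumed layout, toy keys): root and org signed
# with RSA/SHA-256 only; a hypothetical child zone still carrying a SHA-1 key.
SAMPLE_CHAIN = {
    ".": [
        ".            172800 IN DNSKEY 257 3 8 AQID",
        ".            172800 IN DNSKEY 256 3 8 AQAB",
    ],
    "org": [
        "org.         900    IN DNSKEY 257 3 8 AQID",
        "org.         900    IN DNSKEY 256 3 8 AQAB",
    ],
    "example.org": [
        "example.org. 3600   IN DNSKEY 257 3 8 AQID",
        "example.org. 3600   IN DNSKEY 256 3 5 AQID",
    ],
}


if __name__ == "__main__":
    for zone, rrs in SAMPLE_CHAIN.items():
        for rr in rrs:
            k = parse_dnskey(rr)
            print(f"{zone:12} {k['role']} alg={k['algorithm']:>2} "
                  f"({k['algorithm_name']}) tag={k['key_tag']}")
    print("SHA-1-only resolver breaks at:", unsupported_zones(SAMPLE_CHAIN, {5, 7}))
    print("SHA-256-capable resolver breaks at:", unsupported_zones(SAMPLE_CHAIN, {8}))
```

The `unsupported_zones` output is the practical version of the answer's point: a resolver limited to SHA-1 algorithms fails at the root itself, so the question of whether .org keys are verifiable by it never arises. Zones that run two algorithms in parallel (as the constructed `example.org` does) are the one case where a legacy validator can still succeed; RFC 6840 requires such a zone to carry RRSIGs for every algorithm listed in its DS RRset.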