NSEC3 hash collision
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Feb 3 14:52:16 UTC 2014
Hi!
I just stumbled across section 7.1 of RFC 5155
(http://tools.ietf.org/search/rfc5155#section-7.1):
As the "owner name" is hashed, there is potential for a hash collision.
What confuses me is:
> If a hash collision is detected, then a new salt has to be chosen,
> and the signing process restarted.
But the salt is not chosen by Bind, but provided manually. So, I wonder
how Bind reacts if a collision is detected. Or is Bind not checking for
collisions at all?
Thanks
Klaus
More information about the bind-users
mailing list