rndc valid key types

Evan Hunt each at isc.org
Wed Jul 8 00:06:47 UTC 2020


On Tue, Jul 07, 2020 at 04:32:37PM -0700, Gregory Sloop wrote:
> I've seen reports that HMAC-MD5 is the only valid key type.

That was the case at one time, but hasn't been for years.

> Is there any (security) reason/implications to use something "better"
> than MD5?

MD5 is broken (as is SHA1). In this specific context, a forged rndc message
is probably impracticable on any reasonable time scale, and I wouldn't fear
for security if I were using them.  *But*, they're broken, and crypto
people don't like keeping broken things around, so I wouldn't count on them
being supported forever. We've already removed MD5 support in the context
of DNSSEC keys; TSIG could come next.

So, if you want to generate a key and not have to worry about generating
another one in a year or two, I would advise against MD5 or SHA1.

> Is there any reason not to select the strongest - HMAC-SHA512?

No, go ahead. I tend to use sha256, just because it's the default
from rndc-confgen.

-- 
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
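Added example (not from the thread, and not ISC's or BIND's code): a small Python helper that emits an rndc.conf `key` clause with a modern HMAC algorithm, refuses HMAC-MD5/HMAC-SHA1 for new keys, audits the algorithm in an existing clause, and shows the HMAC sign/verify that such a key protects. The helper names are mine; the secret length is set to the digest size, which is an assumption about sensible practice rather than a statement about rndc-confgen's exact behaviour.

```python
import base64
import hmac
import secrets

# Digest sizes for the HMAC algorithms BIND accepts; MD5 and SHA1 are listed only
# so that an audit of an existing rndc.conf can flag them.
DIGEST_BITS = {"hmac-md5": 128, "hmac-sha1": 160, "hmac-sha224": 224,
               "hmac-sha256": 256, "hmac-sha384": 384, "hmac-sha512": 512}
DEPRECATED = {"hmac-md5", "hmac-sha1"}  # broken per the reply above


def generate_key_clause(name="rndc-key", algorithm="hmac-sha256"):
    """Return (secret_bytes, rndc.conf key clause) for a non-deprecated algorithm.
    Assumption: the secret is as long as the digest output (256 bits for sha256)."""
    if algorithm in DEPRECATED:
        raise ValueError(f"{algorithm} is broken; use hmac-sha256 or stronger")
    secret = secrets.token_bytes(DIGEST_BITS[algorithm] // 8)
    clause = (f'key "{name}" {{\n'
              f'\talgorithm {algorithm};\n'
              f'\tsecret "{base64.b64encode(secret).decode()}";\n'
              '};\n')
    return secret, clause


def parse_algorithm(clause):
    """Pull the algorithm name out of a key clause (for auditing existing configs)."""
    for line in clause.splitlines():
        parts = line.strip().rstrip(";").split()
        if len(parts) == 2 and parts[0] == "algorithm":
            return parts[1].lower()
    raise ValueError("no algorithm statement in key clause")


def sign(secret, algorithm, message):
    """HMAC tag over an rndc-style message; 'hmac-sha256' maps to hashlib's 'sha256'."""
    digestmod = algorithm.split("-", 1)[1]
    return hmac.new(secret, message, digestmod).digest()


def verify(secret, algorithm, message, tag):
    """Constant-time comparison so a forged tag cannot be refined byte by byte."""
    return hmac.compare_digest(sign(secret, algorithm, message), tag)


if __name__ == "__main__":
    key, conf = generate_key_clause()
    print(conf)
    # Audit a constructed legacy clause and report it as deprecated.
    old = 'key "old" {\n\talgorithm hmac-md5;\n\tsecret "AAAA";\n};\n'
    print(parse_algorithm(old), "deprecated:", parse_algorithm(old) in DEPRECATED)
```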

