You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficcontrol.apache.org by el...@apache.org on 2018/11/09 17:14:23 UTC

[trafficcontrol] 05/05: Change TO DNSSEC to SHA256

This is an automated email from the ASF dual-hosted git repository.

elsloo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git

commit cc2541879ed7d38a54ef6cd160a9b4e9dacb39ca
Author: Robert Butts <ro...@apache.org>
AuthorDate: Fri Nov 2 12:58:35 2018 -0600

    Change TO DNSSEC to SHA256
---
 traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go b/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
index c1ea6bd..269c8af 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/dnssec.go
@@ -111,7 +111,7 @@ func GetDNSSECKeys(keyType string, dsName string, ttl time.Duration, inception t
 func genKeys(dsName string, ksk bool, ttl time.Duration, tld bool) (string, string, *tc.DNSSECKeyDSRecord, error) {
 	bits := 1024
 	flags := 256
-	algorithm := dns.RSASHA1 // 5 - http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
+	algorithm := dns.RSASHA256 // 8 - http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
 	protocol := 3
 
 	if ksk {