aboutsummaryrefslogtreecommitdiff
path: root/raw-wiki-dump/DNSSEC%2FRequirements
diff options
context:
space:
mode:
Diffstat (limited to 'raw-wiki-dump/DNSSEC%2FRequirements')
-rw-r--r--raw-wiki-dump/DNSSEC%2FRequirements76
1 files changed, 0 insertions, 76 deletions
diff --git a/raw-wiki-dump/DNSSEC%2FRequirements b/raw-wiki-dump/DNSSEC%2FRequirements
deleted file mode 100644
index b8f40f0..0000000
--- a/raw-wiki-dump/DNSSEC%2FRequirements
+++ /dev/null
@@ -1,76 +0,0 @@
-= DNSSEC Requirements =
-
-== Questions ==
-
-- Should we even support SHA-1?
-- GOST?
-
-== Must implement ==
-
-Target DNSSEC Algorithms:
-
-- RSA/SHA-256 (RFC 5702)
-- RSA/SHA-512 (RFC 5702)
-
-Algorithms:
-
-- Hash: SHA-256
-- Hash: SHA-512
-- Sign: RSA
-
-Required PKCS11 Mechs:
-
-- CKM_RSA_PKCS_KEY_PAIR_GEN
-- CKM_SHA256_RSA_PKCS
-- CKM_SHA512_RSA_PKCS
-- CKM_RSA_PKCS (possible cross-check hash with CKM_SHA256 and CKM_SHA512 before signing)
-- CKM_SHA256
-- CKM_SHA512
-
-== Should implement ==
-
-Target DNSSEC Algorithms:
-
-- ECDSA/P-256/SHA-256 (RFC 6605)
-- ECDSA/P-384/SHA-384 (RFC 6605)
-
-Algorithms:
-
-- Hash: SHA-256
-- Hash: SHA-384
-- Sign: P-256
-- Sign: P-384
-
-Required PKCS11 Mechs:
-
-- CKM_EC_KEY_PAIR_GEN
-- CKM_ECDSA_SHA256
-- CKM_ECDSA_SHA384
-- CKM_ECDSA (possible cross-check hash with CKM_SHA256 and CKM_SHA512 before signing)
-- CKM_SHA256
-- CKM_SHA384
-
-== May implement ==
-
-Target DNSSEC Algorithms:
-
-- RSA/SHA-1 (RFC 3110)
-- GOST (RFC 5933)
-
-Algorithms:
-
-- Hash: SHA-1
-- Sign: RSA
-
-- Hash: GOST R 34.11-94 (RFC5831)
-- Sign: GOST R 34.10-2001 (RFC5832)
-
-Required PKCS11 Mechs:
-
-- CKM_RSA_PKCS_KEY_PAIR_GEN
-- CKM_RSA_PKCS (possible cross-check hash with CKM_SHA_1)
-- CKM_SHA1_RSA_PKCS
-- CKM_SHA_1
-
-- CKM_GOSTR3410_KEY_PAIR_GEN
-- CKM_GOSTR3410_WITH_GOSTR3411