diff options
Diffstat (limited to 'wiki/DNSSEC%2FRequirements.trac')
| -rw-r--r-- | wiki/DNSSEC%2FRequirements.trac | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/wiki/DNSSEC%2FRequirements.trac b/wiki/DNSSEC%2FRequirements.trac deleted file mode 100644 index b8f40f0..0000000 --- a/wiki/DNSSEC%2FRequirements.trac +++ /dev/null @@ -1,76 +0,0 @@ -= DNSSEC Requirements =
-
-== Questions ==
-
-- Should we even support SHA-1?
-- GOST?
-
-== Must implement ==
-
-Target DNSSEC Algorithms:
-
-- RSA/SHA-256 (RFC 5702)
-- RSA/SHA-512 (RFC 5702)
-
-Algorithms:
-
-- Hash: SHA-256
-- Hash: SHA-512
-- Sign: RSA
-
-Required PKCS11 Mechs:
-
-- CKM_RSA_PKCS_KEY_PAIR_GEN
-- CKM_SHA256_RSA_PKCS
-- CKM_SHA512_RSA_PKCS
-- CKM_RSA_PKCS (possible cross-check hash with CKM_SHA256 and CKM_SHA512 before signing)
-- CKM_SHA256
-- CKM_SHA512
-
-== Should implement ==
-
-Target DNSSEC Algorithms:
-
-- ECDSA/P-256/SHA-256 (RFC 6605)
-- ECDSA/P-384/SHA-384 (RFC 6605)
-
-Algorithms:
-
-- Hash: SHA-256
-- Hash: SHA-384
-- Sign: P-256
-- Sign: P-384
-
-Required PKCS11 Mechs:
-
-- CKM_EC_KEY_PAIR_GEN
-- CKM_ECDSA_SHA256
-- CKM_ECDSA_SHA384
-- CKM_ECDSA (possible cross-check hash with CKM_SHA256 and CKM_SHA512 before signing)
-- CKM_SHA256
-- CKM_SHA384
-
-== May implement ==
-
-Target DNSSEC Algorithms:
-
-- RSA/SHA-1 (RFC 3110)
-- GOST (RFC 5933)
-
-Algorithms:
-
-- Hash: SHA-1
-- Sign: RSA
-
-- Hash: GOST R 34.11-94 (RFC5831)
-- Sign: GOST R 34.10-2001 (RFC5832)
-
-Required PKCS11 Mechs:
-
-- CKM_RSA_PKCS_KEY_PAIR_GEN
-- CKM_RSA_PKCS (possible cross-check hash with CKM_SHA_1)
-- CKM_SHA1_RSA_PKCS
-- CKM_SHA_1
-
-- CKM_GOSTR3410_KEY_PAIR_GEN
-- CKM_GOSTR3410_WITH_GOSTR3411
|