Skip to content
  • Evan Hunt's avatar
    [master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen · 21761bfe
    Evan Hunt authored
    4785.	[func]		The hmac-md5 algorithm is no longer recommended for
    			use with RNDC keys. For compatibility reasons, it
    			it is still the default algorithm in rndc-confgen,
    			but this will be changed to hmac-sha256 in a future
    			release. [RT #42272]
    
    4784.	[func]		The use of dnssec-keygen to generate HMAC keys is
    			deprecated in favor of tsig-keygen.  dnssec-keygen
    			will print a warning when used for this purpose.
    			All HMAC algorithms will be removed from
    			dnssec-keygen in a future release. [RT #42272]
    21761bfe