git.ipfire.org Git - thirdparty/bind9.git/commitdiff

]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff

projects / thirdparty / bind9.git / commitdiff

author	Aydın Mercan <aydin@isc.org>
	Wed, 14 Aug 2024 12:47:06 +0000 (12:47 +0000)
committer	Aydın Mercan <aydin@isc.org>
	Wed, 14 Aug 2024 12:47:06 +0000 (12:47 +0000)

OpenSSL has added support for deterministic ECDSA (RFC 6979) with
version 3.2.

Use it by default as it removes arguably its most fragile side of ECDSA.
The derandomization doesn't pose a risk for DNS usecases and is allowed by FIPS 186-5.

Closes https://gitlab.isc.org/isc-projects/bind9/-/issues/299

Merge branch '299-change-ecdsa-to-deterministic-usage-elliptic-curve-digital-signature-algorithm-rfc-6979' into 'main'

Closes #299

See merge request isc-projects/bind9!9128

Trivial merge

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom