Skip to content
Snippets Groups Projects
Commit 243850aa authored by Jan Včelák's avatar Jan Včelák :rocket:
Browse files

dnssec: default policy for NSEC3 

Current values from server defaults were used.
parent 3adb008e
No related branches found
No related tags found
1 merge request!547NSEC3 resalt
Hide whitespace changes
Inline Side-by-side
src/dnssec/lib/kasp/policy.c
+ 3
2
View file @ 243850aa
......@@ -66,8 +66,6 @@ void dnssec_kasp_policy_defaults(dnssec_kasp_policy_t *policy)
return;
}
// TODO: determine defaults for NSEC
clear_policy(policy);
policy->algorithm = DNSSEC_KEY_ALGORITHM_ECDSA_P256_SHA256;
......@@ -83,6 +81,9 @@ void dnssec_kasp_policy_defaults(dnssec_kasp_policy_t *policy)
policy->propagation_delay = HOURS(1);
policy->nsec3_enabled = false;
policy->nsec3_iterations = 10;
policy->nsec3_salt_length = 8;
policy->nsec3_salt_lifetime = DAYS(30);
}
_public_
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment