X-RT-Interface: Email
Date: Mon, 23 Oct 2017 17:21:17 +0000
CC: 
User-Agent: Mutt/1.5.23 (2014-03-12)
Return-Path: <each@isc.org>
From each@isc.org  Mon Oct 23 17:21:17 2017
Message-ID: <20171023172117.GA92445@isc.org>
X-Original-To: bind9-confidential@bugs.isc.org
X-RT-Incoming-Encryption: Not encrypted
In-Reply-To: <rt-4.4.1-86193-1508747348-311.42272-4-0@isc.org>
Received: from bikeshed.isc.org (bikeshed.isc.org [149.20.48.19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.isc.org", Issuer "RapidSSL CA" (not verified)) by bugs.isc.org (Postfix) with ESMTPS id CD8D1D78B0C for <bind9-confidential@bugs.isc.org>; Mon, 23 Oct 2017 17:21:17 +0000 (UTC)
Received: by bikeshed.isc.org (Postfix, from userid 10292) id 9BE80216C1E; Mon, 23 Oct 2017 17:21:17 +0000 (UTC)
From: "Evan Hunt" <each@isc.org>
MIME-Version: 1.0
Content-Disposition: inline
Delivered-To: bind9-confidential@bugs.isc.org
X-RT-Original-Encoding: utf-8
To: "Mukund Sivaraman via RT" <bind9-confidential@isc.org>
content-type: text/plain; charset="utf-8"
References: <RT-Ticket-42272@isc.org> <rt-4.2.8-34950-1461887060-145.42272-4-0@isc.org> <rt-4.4.1-85494-1508735280-1768.42272-4-0@isc.org> <20171023082855.GA27755@jurassic.lan.banu.com> <rt-4.4.1-86193-1508747348-311.42272-4-0@isc.org>
Subject: Re: [ISC-Bugs #42272] stop dnssec-keygen generating hmac keys in 9.11
RT-Message-ID: <rt-4.4.1-85494-1508779281-1715.42272-0-0@isc.org>
Content-Length: 212

On Mon, Oct 23, 2017 at 08:29:08AM +0000, Mukund Sivaraman via RT wrote:
> Also add warning posters next to another thing we let pass: the default
> of HMAC-MD5 in rndc-confgen, etc.

Excellent idea, thank you.