Bug 2152635
Summary: | NSEC3DSA should be disabled as DSA is in bind.config | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Alexander Sosedkin <asosedki> |
Component: | crypto-policies | Assignee: | Alexander Sosedkin <asosedki> |
Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> |
Severity: | low | Docs Contact: | Petr Hybl <phybl> |
Priority: | low | ||
Version: | 9.2 | CC: | jafiala, mjahoda, omoris, phybl |
Target Milestone: | rc | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | crypto-policies-20221215-1.git9a18988.el9 | Doc Type: | Bug Fix |
Doc Text: |
.`crypto-policies` now disable NSEC3DSA for BIND
Previously, the system-wide cryptographic policies did not control the NSEC3DSA algorithm in the BIND configuration. Consequently, NSEC3DSA, which does not meet current security requirements, was not disabled on DNS servers. With this update, all cryptographic policies disable NSEC3DSA in the BIND configuration by default.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2023-05-09 08:15:18 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Comment 13
errata-xmlrpc
2023-05-09 08:15:18 UTC
|