Commit 4a85667e authored by Jan Včelák's avatar Jan Včelák 🚀

[dnssec] use RSA-SHA-256 as a default algorithm

parent 64bbf821
......@@ -50,7 +50,7 @@ void dnssec_kasp_policy_defaults(dnssec_kasp_policy_t *policy)
policy->dnskey_ttl = 1200;
policy->algorithm = DNSSEC_KEY_ALGORITHM_RSA_SHA512;
policy->algorithm = DNSSEC_KEY_ALGORITHM_RSA_SHA256;
policy->ksk_size = 2048;
policy->zsk_size = 1024;
policy->zsk_lifetime = 30 * 24 * 60 * 60;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment