DNS SECURITY ALGORITHM NUMBERS DNS KEY and SIG RRs [RFC2535] use an 8-bit number used to identify the security algorithm being used: Number Description Reference --------- ------------------------------ --------- 0 Reserved 1 RSA/MD5 [RFC2537,RFC1321] deprecated, see 5 2 Diffie-Hellman [RFC2539] 3 DSA/SHA1 [RFC2536,DSA,SHA-1] 4 Reserved for Elliptic Curve Crypto 5 RSA/SHA-1 [draft-ietf-dnsext-rsa-02.txt] 6 - 251 Reserved by the IANA 252 Reserved for indirect keys [RFC2535] 253 Private algorithms - domain name [RFC2535] 254 Private algorithms - OID [RFC2535] 255 Reserved REFERENCES ---------- [RFC1321] R. Rivest, "The MD5 Message-Digest Algorithm", RFC 1321, April 1992. [RFC2535] D. Eastlake, "Domain Name System Security Extensions", RFC 2535. March 1999. [RFC2536] D. Eastlake, "DSA KEYs and SIGs in the Domain Name System (DNS)", RFC 2436, March 1999. [RFC2537] D. Eastlake, "RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)", RFC 2537, March 1999. [RFC2539] D. Eastlake, "Storage of Diffie-Hellman Keys in the Domain Name System (DNS)", RFC 2539, March 1999. [DSA] Federal Information Processing Standards Publication (FIPS PUB) 186, Digital Signature Standard, 18 May 1994. [SHA-1] Federal Information Processing Standards Publication (FIPS PUB) 180-1, Secure Hash Standard, 17 April 1995. [Supersedes FIPS PUB 180 dated 11 May 1993.] PEOPLE ------ (last updated 02/28/01) []