Enum trust_dns::rr::dnssec::Nsec3HashAlgorithm
[−]
[src]
pub enum Nsec3HashAlgorithm { SHA1, }
RFC 5155 NSEC3 March 2008
11. IANA Considerations
Although the NSEC3 and NSEC3PARAM RR formats include a hash algorithm
parameter, this document does not define a particular mechanism for
safely transitioning from one NSEC3 hash algorithm to another. When
specifying a new hash algorithm for use with NSEC3, a transition
mechanism MUST also be defined.
This document updates the IANA registry "DOMAIN NAME SYSTEM
PARAMETERS" (http://www.iana.org/assignments/dns-parameters) in sub-
registry "TYPES", by defining two new types. Section 3 defines the
NSEC3 RR type 50. Section 4 defines the NSEC3PARAM RR type 51.
This document updates the IANA registry "DNS SECURITY ALGORITHM
NUMBERS -- per [RFC4035]"
(http://www.iana.org/assignments/dns-sec-alg-numbers). Section 2
defines the aliases DSA-NSEC3-SHA1 (6) and RSASHA1-NSEC3-SHA1 (7) for
respectively existing registrations DSA and RSASHA1 in combination
with NSEC3 hash algorithm SHA1.
Since these algorithm numbers are aliases for existing DNSKEY
algorithm numbers, the flags that exist for the original algorithm
are valid for the alias algorithm.
This document creates a new IANA registry for NSEC3 flags. This
registry is named "DNSSEC NSEC3 Flags". The initial contents of this
registry are:
0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+
| | | | | | | |Opt|
| | | | | | | |Out|
+---+---+---+---+---+---+---+---+
bit 7 is the Opt-Out flag.
bits 0 - 6 are available for assignment.
Assignment of additional NSEC3 Flags in this registry requires IETF
Standards Action [RFC2434].
This document creates a new IANA registry for NSEC3PARAM flags. This
registry is named "DNSSEC NSEC3PARAM Flags". The initial contents of
this registry are:
0 1 2 3 4 5 6 7
+---+---+---+---+---+---+---+---+
| | | | | | | | 0 |
+---+---+---+---+---+---+---+---+
bit 7 is reserved and must be 0.
bits 0 - 6 are available for assignment.
Assignment of additional NSEC3PARAM Flags in this registry requires
IETF Standards Action [RFC2434].
Finally, this document creates a new IANA registry for NSEC3 hash
algorithms. This registry is named "DNSSEC NSEC3 Hash Algorithms".
The initial contents of this registry are:
0 is Reserved.
1 is SHA-1.
2-255 Available for assignment.
Assignment of additional NSEC3 hash algorithms in this registry
requires IETF Standards Action [RFC2434].
Variants
SHA1
Hash for the Nsec3 records
Methods
impl Nsec3HashAlgorithm
[src]
fn from_u8(value: u8) -> DecodeResult<Self>
fn hash(
&self,
salt: &[u8],
name: &Name,
iterations: u16
) -> DnsSecResult<DigestBytes>
&self,
salt: &[u8],
name: &Name,
iterations: u16
) -> DnsSecResult<DigestBytes>
Laurie, et al. Standards Track [Page 14]
RFC 5155 NSEC3 March 2008
Define H(x) to be the hash of x using the Hash Algorithm selected by
the NSEC3 RR, k to be the number of Iterations, and || to indicate
concatenation. Then define:
IH(salt, x, 0) = H(x || salt), and
IH(salt, x, k) = H(IH(salt, x, k-1) || salt), if k > 0
Then the calculated hash of an owner name is
IH(salt, owner name, iterations),
where the owner name is in the canonical form, defined as:
The wire format of the owner name where:
1. The owner name is fully expanded (no DNS name compression) and
fully qualified;
2. All uppercase US-ASCII letters are replaced by the corresponding
lowercase US-ASCII letters;
3. If the owner name is a wildcard name, the owner name is in its
original unexpanded form, including the "*" label (no wildcard
substitution);
Trait Implementations
impl Debug for Nsec3HashAlgorithm
[src]
impl PartialEq for Nsec3HashAlgorithm
[src]
fn eq(&self, __arg_0: &Nsec3HashAlgorithm) -> bool
This method tests for self
and other
values to be equal, and is used by ==
. Read more
fn ne(&self, other: &Rhs) -> bool
1.0.0
This method tests for !=
.
impl Eq for Nsec3HashAlgorithm
[src]
impl Hash for Nsec3HashAlgorithm
[src]
fn hash<__H: Hasher>(&self, __arg_0: &mut __H)
Feeds this value into the given [Hasher
]. Read more
fn hash_slice<H>(data: &[Self], state: &mut H) where
H: Hasher,
1.3.0
H: Hasher,
Feeds a slice of this type into the given [Hasher
]. Read more
impl Clone for Nsec3HashAlgorithm
[src]
fn clone(&self) -> Nsec3HashAlgorithm
Returns a copy of the value. Read more
fn clone_from(&mut self, source: &Self)
1.0.0
Performs copy-assignment from source
. Read more