[Opendnssec-develop] DSA key length in DNSKEY records
Olaf Kolkman
olaf at NLnetLabs.nl
Wed Mar 17 11:45:06 UTC 2010
On Mar 17, 2010, at 12:34 PM, Alexd at nominet.org.uk wrote:
>
> My current best guess is that the DSA key length can be derived as (64 + 8*T) octets. However, I still don't think I've found anything which specifically confirms this (i.e. RFC 2536 doesn't actually confirm that the length of P is actually the key length - I think).
>
> Thanks for your help,
>
That is why I take T as the primary measure in Net::DNS::SEC. I can live with better values, let me know if you find something there.
--Olaf
________________________________________________________
Olaf M. Kolkman NLnet Labs
Science Park 140,
http://www.nlnetlabs.nl/ 1098 XG Amsterdam
More information about the Opendnssec-develop
mailing list