Re: DNSSEC Best Practices

[Mark Tinka <mark@tinka.africa>]

On 4/27/21 21:31, Eric Germann via NANOG wrote:


> What algorithms do you typically sign with (RSASHA256, 
> ECDSAP256SHA256, both, something other)?

I've been using ECDSAP384SHA384 (14) for a few months now, with no 
problems of note.

I know that ECDSAP256SHA256 (13) is "firmer", but hey :-)...

Mark.