I was wondering if it would make sense to not only test for RSASHA256
(8) signed zones but also with ECDSAP256SHA256 (13) on the check my dns
test [1]. Given that 1 out of 5 validating resolver do not support ECDSA
[2] this could be used to inform users about this shortfall of their
validating resolver.
On 10/09/16 18:05, Daniel Stirnimann wrote: