4. Digest Algorithms レジストリ列値
「DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest Algorithms」レジストリグループの下にある「Digest Algorithms」レジストリの使用および実装推奨列の初期値を表3に示します。
「Use for」列に複数のRECOMMENDEDアルゴリズムがある場合、運用者はローカルポリシーに従って最適なアルゴリズムを選択する必要があります。
| Value | Description | Use for DNSSEC Delegation | Use for DNSSEC Validation | Implement for DNSSEC Delegation | Implement for DNSSEC Validation |
|---|---|---|---|---|---|
| 0 | NULL (CDS only) | MUST NOT | MUST NOT | MUST NOT | MUST NOT |
| 1 | SHA-1 | MUST NOT | RECOMMENDED | MUST NOT | MUST |
| 2 | SHA-256 | RECOMMENDED | RECOMMENDED | MUST | MUST |
| 3 | GOST R 34.11-94 | MUST NOT | MAY | MUST NOT | MAY |
| 4 | SHA-384 | MAY | RECOMMENDED | MAY | RECOMMENDED |
| 5 | GOST R 34.11-2012 | MAY | MAY | MAY | MAY |
| 6 | SM3 | MAY | MAY | MAY | MAY |
表3: Digest Algorithms レジストリ列の初期値