Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

DNSSEC RFC 9276

Comments

1 comment

  • cPRex Jurassic Moderator

    Hey there!  I did some research on this and found that we should be supporting iterations of 0 according to the RFC:

    https://datatracker.ietf.org/doc/rfc9276/

      Note that [RFC5155] describes the Iterations field as follows
    
       |  The Iterations field defines the number of additional times the
       |  hash function has been performed.
    
       This means that an NSEC3 record with an Iterations field of 0
       actually requires one hash iteration.

    I also confirmed that trying a value of 0 gives me the following error from the API call:

    reason: "API failure: (XID 7sm6mf) “nsec3_iterations” must be a positive integer less than or equal to 2500."

    I've created case CPANEL-45613 for our developers to look into this, and I'll be sure to post an update here if I hear back from them!

    0

Please sign in to leave a comment.