Enum trust_dns_proto::rr::dnssec::Nsec3HashAlgorithm

source · []
pub enum Nsec3HashAlgorithm {
    SHA1,
}
Available on crate feature dnssec only.
Expand description
RFC 5155                         NSEC3                        March 2008

11.  IANA Considerations

   Although the NSEC3 and NSEC3PARAM RR formats include a hash algorithm
   parameter, this document does not define a particular mechanism for
   safely transitioning from one NSEC3 hash algorithm to another.  When
   specifying a new hash algorithm for use with NSEC3, a transition
   mechanism MUST also be defined.

   This document updates the IANA registry "DOMAIN NAME SYSTEM
   PARAMETERS" (http://www.iana.org/assignments/dns-parameters) in sub-
   registry "TYPES", by defining two new types.  Section 3 defines the
   NSEC3 RR type 50.  Section 4 defines the NSEC3PARAM RR type 51.

   This document updates the IANA registry "DNS SECURITY ALGORITHM
   NUMBERS -- per [RFC4035]"
   (http://www.iana.org/assignments/dns-sec-alg-numbers).  Section 2
   defines the aliases DSA-NSEC3-SHA1 (6) and RSASHA1-NSEC3-SHA1 (7) for
   respectively existing registrations DSA and RSASHA1 in combination
   with NSEC3 hash algorithm SHA1.

   Since these algorithm numbers are aliases for existing DNSKEY
   algorithm numbers, the flags that exist for the original algorithm
   are valid for the alias algorithm.

   This document creates a new IANA registry for NSEC3 flags.  This
   registry is named "DNSSEC NSEC3 Flags".  The initial contents of this
   registry are:

     0   1   2   3   4   5   6   7
   +---+---+---+---+---+---+---+---+
   |   |   |   |   |   |   |   |Opt|
   |   |   |   |   |   |   |   |Out|
   +---+---+---+---+---+---+---+---+

      bit 7 is the Opt-Out flag.

      bits 0 - 6 are available for assignment.

   Assignment of additional NSEC3 Flags in this registry requires IETF
   Standards Action [RFC2434].

   This document creates a new IANA registry for NSEC3PARAM flags.  This
   registry is named "DNSSEC NSEC3PARAM Flags".  The initial contents of
   this registry are:

     0   1   2   3   4   5   6   7
   +---+---+---+---+---+---+---+---+
   |   |   |   |   |   |   |   | 0 |
   +---+---+---+---+---+---+---+---+

      bit 7 is reserved and must be 0.

      bits 0 - 6 are available for assignment.

   Assignment of additional NSEC3PARAM Flags in this registry requires
   IETF Standards Action [RFC2434].

   Finally, this document creates a new IANA registry for NSEC3 hash
   algorithms.  This registry is named "DNSSEC NSEC3 Hash Algorithms".
   The initial contents of this registry are:

      0 is Reserved.

      1 is SHA-1.

      2-255 Available for assignment.

   Assignment of additional NSEC3 hash algorithms in this registry
   requires IETF Standards Action [RFC2434].

Variants

SHA1

Hash for the Nsec3 records

Implementations

http://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml

Available on crate features openssl or ring only.
Laurie, et al.              Standards Track                    [Page 14]

RFC 5155                         NSEC3                        March 2008

Define H(x) to be the hash of x using the Hash Algorithm selected by
   the NSEC3 RR, k to be the number of Iterations, and || to indicate
   concatenation.  Then define:

      IH(salt, x, 0) = H(x || salt), and

      IH(salt, x, k) = H(IH(salt, x, k-1) || salt), if k > 0

   Then the calculated hash of an owner name is

      IH(salt, owner name, iterations),

   where the owner name is in the canonical form, defined as:

   The wire format of the owner name where:

   1.  The owner name is fully expanded (no DNS name compression) and
       fully qualified;

   2.  All uppercase US-ASCII letters are replaced by the corresponding
       lowercase US-ASCII letters;

   3.  If the owner name is a wildcard name, the owner name is in its
       original unexpanded form, including the "*" label (no wildcard
       substitution);

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Deserialize this value from the given Serde deserializer. Read more

Converts to this type from the input type.

Feeds this value into the given Hasher. Read more

Feeds a slice of this type into the given Hasher. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Read more

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Compare self to key and return true if they are equal.

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more