I remembered that last December, when I submitted the DS of my domain name i3way.net, it was in SHA-1 (160 bits) format and my registrar godaddy did not reject the submission. In April 2011, I tried to submit the SHA-1 DS of another domain warrenkwok.com but this time, godaddy did not accept it. As an alternative, I submitted the SHA-2 (256 bits) DS and it was accepted.
I should be aware that SHA-1 was phased out on 1 Jan 2011 as mandated by the US Government. In fact, it should also be noted that SHA-1 is not cryptographically strong enough for today's online applications. Verisign is the operator of .com and .net TLD nameservers and it is a US company. It is logical for Verisign to mandate all DS for .com and .net domains in SHA-2 format.
No comments:
Post a Comment