GitLab

Hello,

it's really nice that ISPConfig now has DNSSEC support. Thank you very much for that 👍 Though currently algorithm 7 (RSASHA1-NSEC3-SHA1) is hardcoded for key generation. Since there are a lot registries that support newer DNSSEC algorithms (up to 14 or even 16) it would be really nice to have a config option in the interface to change this setting.

Thanks in advance Ben

P.S. And of course because of "shattered" SHA 1 😉