Also curious myself, I was trying to set up DNSSEC for my own and my workplace's network, and ran into the same issue, the same goes for Ed448. The newest that seems to be accepted is protocol 14 (ECDSAP384SHA384), so I've been using this for now. Would also be interested in the current status of this. Cheers, Jori (Tyrasuki) REDP-RIPE On 2/18/2022 2:41 PM, Nick Cao via dns-wg wrote:
When doing a DNSSEC algorithm rollover from ecdsap256sha256 to ed25519 today, I got the error 'Unknown cryptographic algorithm' when updating ds-rdata field. A quick google search led me to https://www.ripe.net/ripe/mail/archives/dns-wg/2021-January/003796.html, which dates back to more than a year ago. It seems that the zonemaster deployment has not been updated to day, thus I would like to ask about the current progress.