This document describes how to produce RSA/SHA1 SIG resource records (RRs) in Section 3 and@ so as to completely replace RFC 2537@ describes how to produce RSA KEY RRs in Section 2. Since the adoption of a Proposed Standard for RSA signatures in the DNS (Domain Name Space)@ advances in hashing have been made. A new DNS signature algorithm is defined to make these advances available in SIG RRs. The use of the previously specified weaker mechanism is deprecated. The algorithm number of the RSA KEY RR is changed to correspond to this new SIG algorithm. No other changes are made to DNS security.
RFC 3110-2001 history
2001RFC 3110-2001 RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)