SERVFAIL: The Unintended Consequences of Algorithm Agility in DNSSEC. (arXiv:2205.10608v2 [cs.CR] UPDATED)

Cryptographic algorithm agility is an important property for DNSSEC: it
allows easy deployment of new algorithms if the existing ones are no longer
secure. Significant operational and research efforts are dedicated to pushing
the deployment of new algorithms in DNSSEC forward. Recent research shows that
DNSSEC is gradually achieving algorithm agility: most DNSSEC supporting
resolvers can validate a number of different algorithms and domains are
increasingly signed with cryptographically strong ciphers.

In this work we show for the first time …

algorithm dnssec