chjj
DNSSEC Algorithm=4 should be `Reserved` not `ECC` (very minor change)
https://github.com/chjj/bns/blob/master/lib/constants.js#L521 https://github.com/chjj/bns/blob/master/lib/constants.js#L548 https://github.com/chjj/bns/blob/master/lib/internal/keys.js#L477
According to IANA alg=4 is Reserved, like 9 & 11 - so should be treated as not suitable for end-user use.
https://www.rfc-editor.org/rfc/rfc6725.html https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xhtml
I'm not exactly clear why RFC6725 is still "proposed" since 2012 - but the status of 9 & 11 where changed at the same time, so these three alg numbers should really be treated the same.
bind & all bind utilities will not work with zone data that had been allowed to have alg=4 in a DS record - it fails with incredibly unfriendly messages & took me ages to track down.
mgar. in the Handshake ROOT zone has been allowed to have alg=4, which means the Handshake ROOT AXFR now no longer works with bind.
