This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] Support for SHA256 in ds-rdata checker
Alexander Gall
gall at switch.ch
Tue Jul 31 10:14:56 CEST 2012
I'm not sure whether this belongs here or in the dns-wg (or somewhere
else?).

I just updated the ds-rdata of one of our domain objects and realized
that the RDNS checker does not support SHA-256, neither for the DS
record nor as part of signature algorithm 8 (RSASHA256):

  ***RDNS: (related to set) INFO: 6199 8 2
  03A50B02CC5FCBCC8071AD93212C923E8C399DE64AE7C042442E2DE2F0029592
  ; uses a Digest type that is not implemented by this
  checker. We cannot verify if the chain of trust is intact.
  You should be conciously using digest types other than SHA1

  ***RDNS: (related to ns2.switch.ch) INFO: The signature over DNSKEY
  is made with algorithm code 8 The checker does not implement
  this algorithm and can therefore not validate the chain of
  trust It is assumed that using algoritm type 8 is a
  conscious choice.

SHA256 has been in use for both purposes for a number of years. Are
there any plans to support it in the RDNS checker?

Regards,
Alex
--
SWITCH
Serving Swiss Universities
--------------------------
Alexander Gall, Global LAN
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 15 22
alexander.gall at switch.ch, http://www.switch.ch
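
Added example, not part of the original message and not the RIPE NCC checker's code: a sketch of the check the quoted output says is skipped for digest type 2, comparing a ds-rdata value against a DNSKEY using the DS digest from RFC 4509 and the key tag from RFC 4034 Appendix B. The owner name, key bytes and all function names are constructed for illustration.

```python
import hashlib
import struct

# DS digest types handled here: 1 = SHA-1, 2 = SHA-256 (RFC 4509).
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}

def name_to_wire(name):
    """Canonical (lower-case) wire format of a domain name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, protocol, algorithm, public_key):
    """DNSKEY RDATA: 16-bit flags, protocol, algorithm, then the key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def key_tag(rdata):
    """Key tag over the DNSKEY RDATA, per RFC 4034 Appendix B."""
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    return (acc + (acc >> 16)) & 0xFFFF

def ds_digest(owner, rdata, dtype):
    """digest = H(owner name in wire format | DNSKEY RDATA)."""
    return DIGESTS[dtype](name_to_wire(owner) + rdata).hexdigest()

def make_ds(owner, rdata, dtype=2):
    """Build a ds-rdata value: "<key tag> <algorithm> <digest type> <hex>"."""
    return f"{key_tag(rdata)} {rdata[3]} {dtype} {ds_digest(owner, rdata, dtype).upper()}"

def check_ds(owner, ds_text, rdata):
    """Compare a ds-rdata value with one DNSKEY; returns a status string."""
    tag, alg, dtype, *hex_parts = ds_text.split()  # digest may span lines
    tag, alg, dtype = int(tag), int(alg), int(dtype)
    if dtype not in DIGESTS:
        return "unsupported digest type"
    if tag != key_tag(rdata) or alg != rdata[3]:
        return "no matching key"
    expected = ds_digest(owner, rdata, dtype)
    return "match" if expected == "".join(hex_parts).lower() else "digest mismatch"

# Constructed sample: a documentation-prefix reverse zone and a dummy
# 32-byte "public key" with algorithm 8 (RSASHA256). Not a real key.
SAMPLE_OWNER = "2.0.192.in-addr.arpa"
SAMPLE_KEY = dnskey_rdata(257, 3, 8, bytes(range(1, 33)))

if __name__ == "__main__":
    ds = make_ds(SAMPLE_OWNER, SAMPLE_KEY)
    print(ds)
    print(check_ds(SAMPLE_OWNER, ds, SAMPLE_KEY))
```

This covers only the DS-to-DNSKEY digest comparison; validating the RSASHA256 signature over the DNSKEY set, the second item in the quoted output, is a separate step not shown here.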