From d790cae0e24101a7c2790c63d2f41fa8841c70b6 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer <jt@occams.info>
Date: Thu, 23 Oct 2014 17:03:23 +0000
Subject: [PATCH] DNSSEC: use RSASHA256 for the .guide tld too

---
 management/dns_update.py | 2 +-
 setup/dns.sh             | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/management/dns_update.py b/management/dns_update.py
index 5d2a0bc3..ccbebc89 100755
--- a/management/dns_update.py
+++ b/management/dns_update.py
@@ -511,7 +511,7 @@ zone:
 ########################################################################
 
 def dnssec_choose_algo(domain, env):
-	if domain.endswith(".email"):
+	if domain.endswith(".email") or domain.endswith(".guide"):
 		# At least at GoDaddy, this is the only algorithm supported.
 		return "RSASHA256"
 
diff --git a/setup/dns.sh b/setup/dns.sh
index 426ac633..b55e2587 100755
--- a/setup/dns.sh
+++ b/setup/dns.sh
@@ -51,6 +51,7 @@ mkdir -p "$STORAGE_ROOT/dns/dnssec";
 # Requires `RSASHA256`
 #
 #  * .email
+#  * .guide
 
 FIRST=1 #NODOC
 for algo in RSASHA1-NSEC3-SHA1 RSASHA256; do