On Sun, 24 Aug 2008, Dean Anderson wrote:

> 
> > It is well understood that you are vulnerable to a replay attack while  
> > the old RRSIGs are still valid.  Which argues for short signature  
> > durations, not rekeying.
> 
> Ok.  But when you resign using arbitrary data controlled by the
> attacker, the private key can be obtained. [There is a crypto attack on
> rekeying] OOPS!!.  Rekeying is out of the question for, say, .com, .net,
> etc.  I guess you didn't know that.

Correction: The above should say there is a crypto attack on re-SIGNing.  
ReKEYing is fine. Apologies for the confusion I just created.

                --Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   
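
The point the exchange above turns on is the length of the RRSIG validity period: an old, still-valid signature can be replayed until it expires, regardless of how often the zone is re-signed or rekeyed. The following is an added example, not code from the original post or from anyone on the thread. It parses RRSIG records in RFC 4034 presentation format, reports each signature's validity period against an assumed policy limit, and computes how long a superseded signature could still be replayed after a given re-signing time. The sample zone lines and the seven-day policy threshold are constructed for the example; the signature fields are placeholders, not real signatures.

```python
"""Audit RRSIG validity windows from zone-file presentation format.

Added example (not from the mailing-list post). Field order follows
RFC 4034 section 3.2: type covered, algorithm, labels, original TTL,
expiration, inception, key tag, signer's name, signature.
"""
from datetime import datetime, timedelta, timezone

RRSIG_TIME_FMT = "%Y%m%d%H%M%S"  # RFC 4034 YYYYMMDDHHmmSS, always UTC

# Constructed sample records (hypothetical zone; signature data is a
# placeholder, not base64 of a real signature).
SAMPLE_ZONE = """\
example.test. 3600 IN RRSIG A 8 2 3600 20080901000000 20080825000000 12345 example.test. AAAA...
example.test. 3600 IN RRSIG SOA 8 2 3600 20081001000000 20080801000000 12345 example.test. BBBB...
"""


def parse_rrsig_time(text: str) -> datetime:
    """Parse an RFC 4034 signature timestamp as a timezone-aware UTC datetime.

    The 32-bit serial wrap-around of the wire format is not modelled here;
    presentation-format timestamps are absolute.
    """
    return datetime.strptime(text, RRSIG_TIME_FMT).replace(tzinfo=timezone.utc)


def parse_rrsig(line: str) -> dict:
    """Parse one RRSIG RR in presentation format. TTL and class are optional."""
    tokens = line.split()
    idx = tokens.index("RRSIG")  # ValueError if the line is not an RRSIG
    rdata = tokens[idx + 1:]
    if len(rdata) < 9:
        raise ValueError(f"truncated RRSIG RDATA: {line!r}")
    return {
        "owner": tokens[0],
        "type_covered": rdata[0],
        "algorithm": int(rdata[1]),
        "labels": int(rdata[2]),
        "original_ttl": int(rdata[3]),
        "expiration": parse_rrsig_time(rdata[4]),
        "inception": parse_rrsig_time(rdata[5]),
        "key_tag": int(rdata[6]),
        "signer": rdata[7],
        "signature": "".join(rdata[8:]),  # base64 may span several tokens
    }


def validity_days(line: str) -> float:
    """Total signature validity period (expiration - inception) in days."""
    sig = parse_rrsig(line)
    return (sig["expiration"] - sig["inception"]).total_seconds() / 86400


def replay_window_days(line: str, resign_time_text: str) -> float:
    """Days a signature superseded at resign_time can still be replayed.

    resign_time_text uses the same YYYYMMDDHHmmSS format. Returns 0.0 if the
    signature had already expired before the zone was re-signed.
    """
    sig = parse_rrsig(line)
    remaining = sig["expiration"] - parse_rrsig_time(resign_time_text)
    return max(remaining, timedelta(0)).total_seconds() / 86400


def audit(zone_text: str, max_validity_days: float) -> list:
    """Flag every RRSIG whose validity period exceeds the policy limit."""
    findings = []
    for line in zone_text.splitlines():
        if "RRSIG" not in line.split():
            continue
        sig = parse_rrsig(line)
        days = validity_days(line)
        findings.append({
            "owner": sig["owner"],
            "type_covered": sig["type_covered"],
            "validity_days": days,
            "exceeds_policy": days > max_validity_days,
        })
    return findings


if __name__ == "__main__":
    # Assumed policy: signatures valid for more than 7 days are flagged.
    for finding in audit(SAMPLE_ZONE, max_validity_days=7):
        print(finding)
    # Exposure left if the zone is re-signed on 2008-08-28 00:00 UTC.
    for line in SAMPLE_ZONE.splitlines():
        print(line.split()[4], "replayable for", replay_window_days(line, "20080828000000"), "days")
```

The audit answers the operational question behind the thread: the replay exposure after a re-sign is bounded by the remaining lifetime of the old signatures, so it is the validity period, not the frequency of rekeying, that a defender tunes to shrink it.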


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop