On Sun, 24 Aug 2008, Dean Anderson wrote:
>
> > It is well understood that you are vulnerable to a replay attack while
> > the old RRSIGs are still valid. Which argues for short signature
> > durations, not rekeying.
>
> Ok. But when you resign using arbitrary data controlled by the
> attacker, the private key can be obtained. [There is a crypto attack on
> rekeying] OOPS!!. Rekeying is out of the question for, say, .com, .net,
> etc. I guess you didn't know that.
Correction: The above should say there is a crypto attack on re-SIGNing. ReKEYing is fine. Apologies for the confusion I just created.

--Dean

--
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop