On Thu, Jan 21, 2010 at 08:55:33AM -0800, Paul Hoffman wrote: > > But we *can* assume that there are a lot of 1024-bit keys in use > that are much more valuable than the most valuable DNSSEC 1024-bit > key. Thus, as public analysis gets better, we are likely to hear > about it. Even if the first attacks from private crackers, we will > hear about them.
I fully agree. I just want to make sure we're not holding ourselves to an operational standard that is just impossible to reach. If we want "proof" and "facts" about whether something won't ever be compromised, it's not going to happen (so I'm very keen we not put anything resembling such language in any draft). That's all I was saying. A -- Andrew Sullivan a...@shinkuro.com Shinkuro, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
