On Tue, Apr 01, 2014 at 10:37:54PM -0400, Olafur Gudmundsson <o...@ogud.com> wrote a message of 158 lines which said:
> Furthermore using larger keys than your parents is non-sensical as
> that moves the cheap point of key cracking attack.

Mostly true, but still too strong a statement, in my opinion. This is because, if you are an attacker and managed to crack a key somewhere between the root (inclusive) and your real target, the higher you are in the tree, the more things you have to emulate or simulate below.

If you are after ogud.com and you cracked the root key, you need to either create a false DS for .com (and then the resolver will croak on most .com responses, detecting that there is something wrong) or a false NSEC proving that .com is not signed (but the fact that .com is signed is rapidly cached in validating resolvers).

So, yes, basically, you are right: since DNSSEC is tree-based, the security of the weakest node is what matters. But, in practice, exploiting a cracked key higher up in the tree is a bit more difficult than it seems.
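The two points made in the reply, as an added toy model that is not part of the thread: the chain of trust is only as strong as its weakest key, and a validating resolver that has already cached a secure delegation rejects a later claim that the same zone is unsigned. Zone names and key strengths below are constructed illustrative values, not measurements of real zones.

```python
# Added example (not from the thread). Key strengths are constructed numbers.

def chain_strength(key_bits_by_zone, target):
    """Effective strength of the DNSSEC chain from the root down to `target`.

    `key_bits_by_zone` maps a zone name ("." is the root) to the strength, in
    bits, of the key that signs it. The chain is only as strong as the weakest
    key on the path, so a child key larger than its parent's adds nothing.
    """
    labels = [l for l in target.strip(".").split(".") if l]
    # Build the path root -> TLD -> ... -> target, e.g. [".", "com.", "ogud.com."]
    path = ["."] + [".".join(labels[i:]) + "."
                    for i in range(len(labels) - 1, -1, -1)]
    return min(key_bits_by_zone[zone] for zone in path)


class ValidatingResolver:
    """Remembers which delegations it has already proven secure or insecure."""

    def __init__(self):
        self.status = {}  # zone name -> "secure" or "insecure"

    def validate_delegation(self, zone, has_ds):
        """Record the outcome of a validated DS lookup for `zone`.

        Returns False when the new answer contradicts a cached status, which is
        what a forged "this zone is unsigned" proof runs into once the real DS
        for that zone is already in the cache.
        """
        claimed = "secure" if has_ds else "insecure"
        cached = self.status.get(zone)
        if cached is not None and cached != claimed:
            return False
        self.status[zone] = claimed
        return True


if __name__ == "__main__":
    keys = {".": 112, "com.": 80, "ogud.com.": 128}  # constructed values
    print("chain strength for ogud.com.:", chain_strength(keys, "ogud.com."))
    r = ValidatingResolver()
    r.validate_delegation("com.", has_ds=True)       # genuine DS cached
    print("forged 'com is unsigned' accepted:",
          r.validate_delegation("com.", has_ds=False))
```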