[ Quoting <ond...@sury.org> at 17:15 on Jan 24 in "[Opendnssec-user] De..." ] > and the result was that <1024 RSA keys are insecure (in fact 512bit > keys can be factorized on common hardware).
1024 and 512 bits is a bit of a leap in rsa land... > These numbers are just for 2012 and maybe updated as time changes. > > Since almost anybody will just use default numbers in kasp.xml, I propose > that we bump the default number for ZSK to 1280. > > Any opinions? I always get a bit sad because of these mails... If rsa is vulnerable there are better targets than the DNS. Regards Miek Gieben
signature.asc
Description: Digital signature
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
