On 26 Jan 2012, at 03:11, Paul Wouters wrote:

> On Wed, 25 Jan 2012, Ondřej Surý wrote:
>
>> Why sad? I think it's useful to discuss this once in a while. Also because
>> it looks like (for outsiders) that cryptographers are like lawyers. You ask
>> 5 lawyers about something and you get 7 different opinions :).
>
> The ones I talk to start laughing once I mention we don't need long
> protection times in the future (eg not encrypting for 20 years). RSA
> 1024 is more than enough, especially if you can roll in a day. They
> thought 2048 was extreme overkill. So I guess it's a good margin.
>
> They also all suggest to use ECC to bring signature sizes down, once
> I explain we care about packet sizes, proving also that cryptographers
> are in fact, not lawyers :)
Seconded, ECC is a good alternative to RSA and should drastically reduce on-the-wire sizes of signatures and DNSKEY sets. And ECC is on the way (but not there yet) for DNSSEC: http://tools.ietf.org/html/draft-ietf-dnsext-ecdsa-04. Wonder if it will please DJB when ECC is added as algorithm to DNSSEC ;-)

Cheers,

Roland

-- 
Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijsw...@surfnet.nl
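A worked comparison of the on-the-wire sizes discussed above, as an added example that is not part of the thread: it encodes DNSKEY RDATA per RFC 3110 (RSA) and RFC 6605 (ECDSA P-256), computes RRSIG RDATA lengths per RFC 4034, and uses constructed key material and an assumed zone name (example.org).

```python
# Added example (not from the thread): DNSKEY / RRSIG RDATA sizes for RSA vs ECDSA P-256.
import secrets

def dns_name_wire(name: str) -> bytes:
    """Wire-format a domain name: length-prefixed labels, terminated by the root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def rsa_dnskey_rdata(flags: int, algorithm: int, exponent: int, modulus_bits: int) -> bytes:
    """DNSKEY RDATA for RSA: RFC 4034 s2.1 header + RFC 3110 s2 public key field."""
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    # Constructed modulus: top bit set so it is exactly modulus_bits long (not a real key).
    n = (1 << (modulus_bits - 1)) | secrets.randbits(modulus_bits - 1)
    n_bytes = n.to_bytes(modulus_bits // 8, "big")
    # RFC 3110: one length byte, or a zero byte followed by a two-byte length.
    exp_len = bytes([len(e)]) if len(e) < 256 else b"\x00" + len(e).to_bytes(2, "big")
    return flags.to_bytes(2, "big") + b"\x03" + bytes([algorithm]) + exp_len + e + n_bytes

def ecdsa_p256_dnskey_rdata(flags: int) -> bytes:
    """DNSKEY RDATA for ECDSAP256SHA256 (algorithm 13, RFC 6605 s4): Q as raw x || y."""
    q = secrets.token_bytes(64)  # constructed stand-in for the 64-byte public point
    return flags.to_bytes(2, "big") + b"\x03" + b"\x0d" + q

def rrsig_rdata_len(signer: str, signature_len: int) -> int:
    """RRSIG RDATA length (RFC 4034 s3.1): 18 fixed bytes + signer name + signature."""
    return 18 + len(dns_name_wire(signer)) + signature_len

def compare(zone: str = "example.org.") -> dict:
    """Sizes for a DNSKEY RRset (KSK flags 257 + ZSK flags 256) and one RRSIG per algorithm."""
    rsa = len(rsa_dnskey_rdata(257, 8, 65537, 2048)) + len(rsa_dnskey_rdata(256, 8, 65537, 1024))
    ecc = len(ecdsa_p256_dnskey_rdata(257)) + len(ecdsa_p256_dnskey_rdata(256))
    return {
        "rsa_dnskey_rdata": rsa,                               # 2048-bit KSK + 1024-bit ZSK
        "ecc_dnskey_rdata": ecc,                               # two P-256 keys
        "rsa1024_rrsig_rdata": rrsig_rdata_len(zone, 128),     # RSA signature = modulus size
        "ecdsa_p256_rrsig_rdata": rrsig_rdata_len(zone, 64),   # r || s, 32 bytes each
    }

if __name__ == "__main__":
    for k, v in compare().items():
        print(f"{k}: {v} bytes")
```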