On 01 Feb 2021, at 13:38, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
>
> On Mon, Feb 01, 2021 at 12:09:38PM +0000, pat...@patpro.net wrote:
>
>> It's a risk I can take if I'm stuck but I'm willing to try the dual-sign
>> method.
>
> I should mention that given the humongous sizes of your current
> signatures, dual signing will make things noticeably worse in
> the meantime, unless you FIRST reduce your key sizes without
> changing algorithms.
>
> Therefore:
>
> 1. Roll over to a 1280 bit ZSK. Introduce it into the DNSKEY
>    RRset inactive, with an activation time equal to the
>    inactivation time of the previous 4096 bit ZSK.
> 2. Wait a couple of TTLs and drop the now inactive old ZSK
>    entirely.
> 3. Introduce a new 2048-bit KSK, that is immediately active,
>    signing the DNSKEY RRset. You can also immediately publish
>    the associated DS RR alongside the current DS KSK RR.
> 4. Wait a couple of TTLs of the parent .net zone.
> 5. Drop the old DS RR and the old KSK.
>
> Only then do an algorithm rollover to P256. This is quite a bit of
> work (though BIND 9.16 might just automate most of this for you).
>
> I'll not think less of you if you decide to go unsigned for a couple
> of days.
I might end up doing that directly (unsigned for a couple of days). I have nothing to gain by making things worse or really complicated while the main goal of the effort is to make the change unnoticeable.

Thanks for the great advice,
patpro
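The two rollovers Viktor describes (a pre-publish ZSK roll in steps 1 and 2, a double-signature KSK roll in steps 3 to 5) are easy to get wrong by one TTL, and the "wait a couple of TTLs" rule is exactly the kind of thing worth checking mechanically before the zone is touched. The following is an added example, not code from the thread or from BIND: a small Python checker that takes the publish/activate/inactivate/delete times of the keys and reports any timing that would leave a validating resolver with a signature it cannot verify. It also puts numbers behind the remark that dual-signing with the current 4096-bit keys makes responses "noticeably worse". All key names, dates and TTLs are constructed for illustration; the pre-publish rule (new key in DNSKEY at least one DNSKEY TTL before it signs) is the RFC 6781 requirement and is an assumption of the checker, not something the thread states.

```python
# Added example; not code from the postfix-users thread or from BIND.
# All key names, dates and TTLs below are constructed for illustration.
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional


@dataclass
class Key:
    name: str
    role: str                  # "ZSK" or "KSK"
    bits: int                  # RSA modulus size; 256 for ECDSA P-256
    algorithm: str             # "RSASHA256" or "ECDSAP256SHA256"
    publish: datetime          # appears in the DNSKEY RRset
    activate: datetime         # starts producing RRSIGs
    inactivate: Optional[datetime] = None   # stops signing, stays published
    delete: Optional[datetime] = None       # removed from the DNSKEY RRset


def signature_bytes(key: Key) -> int:
    """Signature field of one RRSIG: an RSA signature is modulus-sized,
    an ECDSA P-256 signature is two 32-byte integers."""
    if key.algorithm.startswith("RSA"):
        return key.bits // 8
    if key.algorithm == "ECDSAP256SHA256":
        return 64
    raise ValueError(f"unknown algorithm {key.algorithm}")


def check_zsk_rollover(old: Key, new: Key, dnskey_ttl: timedelta,
                       wait_ttls: int = 2) -> List[str]:
    """Pre-publish ZSK rollover (steps 1 and 2). Returns timing violations;
    empty means no resolver caching DNSKEY for dnskey_ttl sees an RRSIG
    it cannot verify."""
    problems = []
    # RFC 6781 pre-publish rule (assumption): new key sits in DNSKEY for at
    # least one DNSKEY TTL before its first RRSIG can reach a cache.
    if new.publish > new.activate - dnskey_ttl:
        problems.append("new ZSK published less than one DNSKEY TTL before activation")
    # Single-instant hand-over: no signing gap, no period with two big RSA RRSIGs.
    if old.inactivate is None or new.activate != old.inactivate:
        problems.append("new ZSK activation must equal old ZSK inactivation")
    # Old key stays published until RRSIGs it made have aged out of caches.
    if old.inactivate is not None:
        earliest_delete = old.inactivate + wait_ttls * dnskey_ttl
        if old.delete is None or old.delete < earliest_delete:
            problems.append(f"old ZSK deleted less than {wait_ttls} DNSKEY TTLs after inactivation")
    if old.algorithm != new.algorithm:
        problems.append("size reduction changed the algorithm; roll the algorithm separately")
    return problems


def check_ksk_rollover(old: Key, new: Key, new_ds_publish: datetime,
                       old_ds_delete: datetime, parent_ttl: timedelta,
                       wait_ttls: int = 2) -> List[str]:
    """Double-signature KSK rollover (steps 3 to 5): both KSKs sign DNSKEY and
    both DS RRs sit in the parent until a couple of parent TTLs have passed."""
    problems = []
    if new.activate != new.publish:
        problems.append("new KSK should sign DNSKEY from the moment it is published")
    if new_ds_publish < new.publish:
        problems.append("new DS published before its KSK is in the DNSKEY RRset")
    if old_ds_delete < new_ds_publish + wait_ttls * parent_ttl:
        problems.append(f"old DS removed less than {wait_ttls} parent TTLs after the new DS appeared")
    if old.delete is None or old.delete < old_ds_delete:
        problems.append("old KSK dropped from DNSKEY before its DS was withdrawn")
    return problems


def example_zsk_rollover(delete_hours: int = 4) -> List[str]:
    """Constructed timeline: 1-hour DNSKEY TTL, hand-over 2 hours after the
    new ZSK is published, old ZSK removed delete_hours after t0."""
    t0 = datetime(2021, 2, 2, 0, 0)   # constructed date
    old = Key("zsk-4096", "ZSK", 4096, "RSASHA256",
              publish=t0 - timedelta(days=30), activate=t0 - timedelta(days=30),
              inactivate=t0 + timedelta(hours=2), delete=t0 + timedelta(hours=delete_hours))
    new = Key("zsk-1280", "ZSK", 1280, "RSASHA256", publish=t0, activate=t0 + timedelta(hours=2))
    return check_zsk_rollover(old, new, timedelta(hours=1))


def example_ksk_rollover(ds_wait_hours: int = 4) -> List[str]:
    """Constructed timeline: 2-hour parent DS TTL, old DS and old KSK dropped
    together ds_wait_hours after the new DS is published."""
    t0 = datetime(2021, 2, 3, 0, 0)   # constructed date
    old = Key("ksk-4096", "KSK", 4096, "RSASHA256", publish=t0 - timedelta(days=365),
              activate=t0 - timedelta(days=365), delete=t0 + timedelta(hours=ds_wait_hours))
    new = Key("ksk-2048", "KSK", 2048, "RSASHA256", publish=t0, activate=t0)
    return check_ksk_rollover(old, new, new_ds_publish=t0,
                              old_ds_delete=t0 + timedelta(hours=ds_wait_hours),
                              parent_ttl=timedelta(hours=2))


def signature_sizes() -> Dict[str, int]:
    """RRSIG bytes per RRset: why dual-signing before shrinking hurts."""
    t = datetime(2021, 2, 2)
    rsa4096 = signature_bytes(Key("a", "ZSK", 4096, "RSASHA256", t, t))
    rsa1280 = signature_bytes(Key("b", "ZSK", 1280, "RSASHA256", t, t))
    p256 = signature_bytes(Key("c", "ZSK", 256, "ECDSAP256SHA256", t, t))
    return {"rsa4096": rsa4096, "rsa1280": rsa1280, "p256": p256,
            "dual_rsa4096_p256": rsa4096 + p256,   # dual-sign without shrinking first
            "dual_rsa1280_p256": rsa1280 + p256}   # dual-sign after step 1


if __name__ == "__main__":
    print("ZSK timeline:", example_zsk_rollover() or "ok")
    print("ZSK, old key dropped an hour early:", example_zsk_rollover(delete_hours=3))
    print("KSK timeline:", example_ksk_rollover() or "ok")
    print("RRSIG bytes:", signature_sizes())
```

The KSK check accepts what step 5 does, dropping the old DS and the old KSK at the same time; a more conservative variant keeps the old KSK in DNSKEY for one more parent TTL after its DS is withdrawn, so a resolver still holding the old DS in cache can keep validating. The size table makes the ordering argument concrete: an RSA-4096 plus P-256 dual signature costs 576 bytes per RRset, while shrinking to 1280 bits first brings the dual-signed period down to 224.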