Frederico A C Neves fne...@registro.br wrote:
On Wed, Apr 02, 2014 at 04:25:10PM -0400, Nicholas Weaver wrote:
IMO they do until validators record and use a 'root key ratchet':
never accept a key whose expiration is older than the inception date
of the RRSIG on the youngest root ZSK seen,
On Apr 2, 2014, at 10:19 AM, Jim Reid j...@rfc1035.com wrote:
My gut feel is large ZSKs are overkill because the signatures should be
short-lived and the keys rotated frequently. Though the trade-offs here are
unclear: is a 512-bit key that changes daily (say) better than a 2048-bit key
On 2 Apr 2014, at 10:26, Ted Lemon ted.le...@nominum.com wrote:
The problem with the way you've phrased this question is that there does not
seem to be agreement amongst the parties to this discussion whether old keys
matter. If you think they do, you need longer keys. If you think they
On 02 Apr 2014, at 15:19, Jim Reid j...@rfc1035.com wrote:
There's been a lot of noise and very little signal in the recent discussion.
It would be helpful if there was real data on this topic. Is an RSA key of N
bits too weak or too strong? I don't know. Is N bits good enough?
Probably.
Joe Abley (jabley) writes:
1. subverting sufficient NTP responses over a long enough period to cause the
remote resolver's clock to turn back in time (long period suggested due to
many/most? implementations refuse large steps in time, and hence many
smaller steps might be required)
On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends r...@dnss.ec wrote:
Just a thought that occurred to me. Crypto-mafia folk are looking for a
minimum (i.e. at least so many bits, otherwise it's insecure). DNS-mafia folk
are looking for a maximum (i.e. at most so many bits, otherwise
On Wed, Apr 2, 2014 at 11:31 AM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends r...@dnss.ec wrote:
Just a thought that occurred to me. Crypto-mafia folk are looking for a
minimum (i.e. at least so many bits, otherwise it's insecure). DNS-mafia
On Apr 2, 2014, at 10:49 AM, Joe Abley jab...@hopcount.ca wrote:
This seems like an intractably difficult thing to accomplish.
Bear in mind that all you _really_ have to do is get a bogus ZSK with the
current time into the resolver, which you may be able to do with some clever
NTP shenanigans
On Wed, Apr 02, 2014 at 11:33:20AM -0400, Ted Lemon wrote:
Bear in mind that all you _really_ have to do is get a bogus ZSK with the
current time into the resolver, which you may be able to do with some
clever NTP shenanigans over a relatively short timescale. But yeah,
this isn't likely to
On Apr 2, 2014, at 11:19 AM, Roy Arends r...@dnss.ec wrote:
Just a thought that occurred to me. Crypto-mafia folk are looking for a
minimum (i.e. at least so many bits, otherwise it's insecure). DNS-mafia folk
are looking for a maximum (i.e. at most so many bits, otherwise
Nicholas,
On Wed, Apr 02, 2014 at 04:25:10PM -0400, Nicholas Weaver wrote:
...
And please don't discount the psychology of the issue. If DNSSEC
wants to be taken seriously, it needs to show it. Using short keys
for root and the major TLDs, under the assumptions that it can't be
cracked
I look forward to following further discussions on this topic.
-Rick
-Original Message-
From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Joe Abley
Sent: Wednesday, April 02, 2014 7:50 AM
To: Ted Lemon
Cc: IETF DNSOP WG
Subject: Re: [DNSOP] key lengths for DNSSEC
On 2 Apr 2014
On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends r...@dnss.ec wrote:
On 02 Apr 2014, at 15:19, Jim Reid j...@rfc1035.com wrote:
There's been a lot of noise and very little signal in the recent
discussion.
It would be helpful if there was real data on this topic. Is an RSA key
of N bits too