Re: [DNSOP] key lengths for DNSSEC

2014-04-04 Thread Tony Finch
Frederico A C Neves wrote: > On Wed, Apr 02, 2014 at 04:25:10PM -0400, Nicholas Weaver wrote: > > > > IMO they do until validators record and use a 'root key ratchet': > > never accept a key whose expiration is older than the inception date > > of the RRSIG on the youngest root ZSK seen, or have s

Re: [DNSOP] key lengths for DNSSEC

2014-04-04 Thread Tony Finch
Joe Abley wrote: > I'm trying to understand the time-based attack, but I'm not seeing it. I think a plausible form of this attack involves DNSSEC validation at the edge. (1) DoS your victim, to force them into trouble-shooting mode. Hopefully they will reboot, at which point you can lie to them

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Phillip Hallam-Baker
On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends wrote: > On 02 Apr 2014, at 15:19, Jim Reid wrote: > > > There's been a lot of noise and very little signal in the recent > discussion. > > > > It would be helpful if there was real data on this topic. Is an RSA key > of N bits too "weak" or too "str

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Richard Lamb
. I look forward to following further discussions on this topic. -Rick -Original Message- From: DNSOP [mailto:dnsop-boun...@ietf.org] On Behalf Of Joe Abley Sent: Wednesday, April 02, 2014 7:50 AM To: Ted Lemon Cc: IETF DNSOP WG Subject: Re: [DNSOP] key lengths for DNSSEC On 2 Apr 2014

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Frederico A C Neves
Nicholas, On Wed, Apr 02, 2014 at 04:25:10PM -0400, Nicholas Weaver wrote: > ... > And please don't discount the psychology of the issue. If DNSSEC > wants to be taken seriously, it needs to show it. Using short keys > for root and the major TLDs, under the assumptions that it can't be > crack

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Nicholas Weaver
On Apr 2, 2014, at 11:19 AM, Roy Arends wrote: > > Just a thought that occurred to me. Crypto-mafia folk are looking for a > minimum (i.e. at least so many bits otherwise it's insecure). DNS-mafia folk > are looking for a maximum (i.e. at most soo many bits otherwise > fragmentation/fallbac

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Evan Hunt
On Wed, Apr 02, 2014 at 11:33:20AM -0400, Ted Lemon wrote: > Bear in mind that all you _really_ have to do is get a bogus ZSK with the > current time into the resolver, which you may be able to do with some > clever NTP shenanigans over a relatively short timescale. But yeah, > this isn't likely

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Ted Lemon
On Apr 2, 2014, at 10:49 AM, Joe Abley wrote: > This seems like an intractably difficult thing to accomplish. Bear in mind that all you _really_ have to do is get a bogus ZSK with the current time into the resolver, which you may be able to do with some clever NTP shenanigans over a relatively

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Christopher Morrow
On Wed, Apr 2, 2014 at 11:31 AM, Christopher Morrow wrote: > On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends wrote: > >> Just a thought that occurred to me. Crypto-mafia folk are looking for a >> minimum (i.e. at least so many bits otherwise it's insecure). DNS-mafia folk >> are looking for a max

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Christopher Morrow
On Wed, Apr 2, 2014 at 11:19 AM, Roy Arends wrote: > Just a thought that occurred to me. Crypto-mafia folk are looking for a > minimum (i.e. at least so many bits otherwise it's insecure). DNS-mafia folk > are looking for a maximum (i.e. at most soo many bits otherwise > fragmentation/fallba

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Phil Regnauld
Joe Abley (jabley) writes: > > > 1. subverting sufficient NTP responses over a long enough period to cause the > remote resolver's clock to turn back in time (long period suggested due to > many/most? implementations refusing large steps in time, and hence many > smaller steps might be require

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Roy Arends
On 02 Apr 2014, at 15:19, Jim Reid wrote: > There's been a lot of noise and very little signal in the recent discussion. > > It would be helpful if there was real data on this topic. Is an RSA key of N > bits too "weak" or too "strong"? I don't know. Is N bits "good enough"? > Probably. Change

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Joe Abley
On 2 Apr 2014, at 10:26, Ted Lemon wrote: > The problem with the way you've phrased this question is that there does not > seem to be agreement amongst the parties to this discussion whether old keys > matter. If you think they do, you need longer keys. If you think they > don't, you need

Re: [DNSOP] key lengths for DNSSEC

2014-04-02 Thread Ted Lemon
On Apr 2, 2014, at 10:19 AM, Jim Reid wrote: > My gut feel is large ZSKs are overkill because the signatures should be > short-lived and the keys rotated frequently. Though the trade-offs here are > unclear: is a 512-bit key that changes daily (say) better than a 2048-bit key > that gets rotate