is this "normal" if not what to do about it?
Viktor Dukhovni
ietf-dane at dukhovni.org
Tue Jan 27 20:00:25 CET 2015
On Tue, Jan 27, 2015 at 01:51:32PM -0500, John Allen wrote:
> Are you recommending rolling the ZSKs every 7 days, or are you talking about
> something else?
NO. I'm recommeding signature lifetimes of ~7 days for sites with
the operational capacity to keep everything current on a tight
schedule. This way, signatures of stale records expire quickly.
> I would agree with you that some of the recommendations for the key life
> are not very sensible. I would have thought that a 2048 bit key was good for
> around 30+ days and that KSKs should be 4096 bit.
Overkill IMHO. Since the root zone signature is 2048 bits, anything
stronger is just a waste of bandwidth and risks interoperability
problems. I a decade from now, perhaps we'll have interoperable
options based on soon to be defined best-practice ECC curves,
For now RSA-2048 is about as strong as you can reasonably get, and
likely strong enough.
> What effect do the new algorithms have on time to break? I assume that they are
> still based upon trapdoor functions?
There is AFAIK no public evidence of practical key recovery attacks
on RSA-1024, when properly seeded. Practical attacks on 2048-bit
RSA seem rather unlikely at present.
--
Viktor.
More information about the dane-users
mailing list