is this "normal" if not what to do about it?

Viktor Dukhovni ietf-dane at
Tue Jan 27 20:00:25 CET 2015

On Tue, Jan 27, 2015 at 01:51:32PM -0500, John Allen wrote:

> Are you recommending rolling the ZSKs every 7 days, or are you talking about
> something else?

NO.  I'm recommending signature lifetimes of ~7 days for sites with
the operational capacity to keep everything current on a tight
schedule.  This way, signatures of stale records expire quickly.

> I would agree with you that some of the recommendations for the key life
> are not very sensible. I would have thought that a 2048 bit key was good for
> around 30+ days and that KSKs should be 4096 bit.

Overkill IMHO.  Since the root zone signature is 2048 bits, anything
stronger is just a waste of bandwidth and risks interoperability
problems.  In a decade from now, perhaps we'll have interoperable
options based on soon-to-be-defined best-practice ECC curves.

For now RSA-2048 is about as strong as you can reasonably get, and
likely strong enough.

> What effect do the new algorithms have on time to break? I assume that they are
> still based upon trapdoor functions?

There is AFAIK no public evidence of practical key recovery attacks
on RSA-1024, when properly seeded.  Practical attacks on 2048-bit
RSA seem rather unlikely at present.
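As an added example (not from this thread or any of its participants), a small Python audit that parses RRSIG records in presentation format and checks each validity window against the ~7-day signature-lifetime policy discussed above, flagging signatures that have already expired or whose window is longer than policy allows. The example.net zone lines and the clock value are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# RRSIG presentation format (RFC 4034 s.3.2): owner TTL class RRSIG type-covered
# algorithm labels orig-ttl expiration inception keytag signer signature
def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)

@dataclass
class SigWindow:
    owner: str
    type_covered: str
    inception: datetime
    expiration: datetime

    @property
    def lifetime_days(self) -> float:
        return (self.expiration - self.inception).total_seconds() / 86400

    def status(self, now: datetime, max_days: float = 7.0) -> str:
        """'expired', 'too-long' (window exceeds policy) or 'ok'."""
        if now >= self.expiration:
            return "expired"
        if self.lifetime_days > max_days:
            return "too-long"
        return "ok"

def parse_rrsig(line: str) -> SigWindow:
    f = line.split()
    if len(f) < 12 or f[3] != "RRSIG":
        raise ValueError(f"not an RRSIG record: {line!r}")
    # Note the field order: expiration (f[8]) precedes inception (f[9]).
    return SigWindow(f[0], f[4], inception=_ts(f[9]), expiration=_ts(f[8]))

def audit(lines, now: datetime, max_days: float = 7.0) -> dict:
    """Map (owner, type) of every RRSIG line to its status; other lines are skipped."""
    out = {}
    for line in lines:
        if " RRSIG " in line:
            sig = parse_rrsig(line)
            out[(sig.owner, sig.type_covered)] = sig.status(now, max_days)
    return out

# Constructed sample zone lines (hypothetical example.net zone, dummy signatures).
SAMPLE = [
    "example.net. 3600 IN RRSIG SOA 8 2 3600 20150203120000 20150127120000 12345 example.net. AAAA",
    "example.net. 3600 IN RRSIG MX 8 2 3600 20150301120000 20150101120000 12345 example.net. BBBB",
    "www.example.net. 300 IN RRSIG A 8 3 300 20150125120000 20150118120000 12345 example.net. CCCC",
]
NOW = datetime(2015, 1, 27, 19, 0, tzinfo=timezone.utc)  # constructed "now"
```

Run `audit(SAMPLE, NOW)` to get a per-RRset verdict; feeding it the output of a zone transfer or `dig +dnssec` would do the same check against a live zone.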


More information about the dane-users mailing list