[Opendnssec-user] Default ZSK sizes
Roland van Rijswijk
Roland.vanRijswijk at surfnet.nl
Thu Jan 26 08:10:46 UTC 2012
On 26 Jan 2012, at 03:11, Paul Wouters wrote:
> On Wed, 25 Jan 2012, Ondřej Surý wrote:
>> Why sad? I think it's useful to discuss this once in a while. Also because
>> it looks like (for outsider) that cryptographers are like lawyers. You ask
>> 5 lawyers about something and you get 7 different opinions :).
> The ones I talk to start laughing once I mention we don't need long
> protection times in the future (e.g. not encrypting for 20 years). RSA
> 1024 is more than enough, especially if you can roll in a day. They
> thought 2048 was extreme overkill. So I guess it's a good margin.
> They also all suggest to use ECC to bring signature sizes down, once
> I explain we care about packet sizes, proving also that cryptographers
> are, in fact, not lawyers :)
Seconded, ECC is a good alternative to RSA and should drastically reduce on-the-wire sizes of signatures and DNSKEY sets. And ECC is on the way (but not there yet) for DNSSEC: http://tools.ietf.org/html/draft-ietf-dnsext-ecdsa-04.
Wonder if it will please DJB when ECC is added as algorithm to DNSSEC ;-)
-- Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijswijk at surfnet.nl
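To put numbers on the on-the-wire saving discussed above, here is an added example (not code from the thread, from SURFnet or from OpenDNSSEC) that builds DNSKEY and RRSIG RDATA in the wire formats of RFC 4034, RFC 3110 (RSA key field) and RFC 6605 (ECDSA key and signature fields, the RFC that the cited draft became) and totals the bytes an authoritative server would send for a DNSKEY RRset plus its signature, and for one RRSIG over an A record. Key bytes, signatures and timestamps are constructed placeholders; only their lengths are meaningful. The zone name example.com., the KSK/ZSK split (RSA-2048 KSK, RSA-1024 ZSK) and the assumption that the DNSKEY RRset is signed by the KSK alone are choices made for this example.

```python
"""
Estimate on-the-wire DNSKEY and RRSIG sizes for RSA versus ECDSA.
Wire formats: RFC 4034 (DNSKEY, RRSIG), RFC 3110 (RSA public key field),
RFC 6605 (ECDSA public key and signature fields). All key material below is a
constructed placeholder of the right length; this script compares sizes only.
"""
import struct

# Algorithm numbers: 8 = RSASHA256 (RFC 5702); 13 = ECDSAP256SHA256 and
# 14 = ECDSAP384SHA384, the values RFC 6605 assigned to the ECDSA draft.
RSASHA256, ECDSAP256SHA256, ECDSAP384SHA384 = 8, 13, 14
KSK_FLAGS, ZSK_FLAGS = 257, 256   # bit 7 = Zone Key; bit 15 = Secure Entry Point
RR_FIXED = 2 + 2 + 4 + 2          # TYPE, CLASS, TTL, RDLENGTH
TYPE_A, TYPE_DNSKEY = 1, 48


def name_to_wire(name):
    """Uncompressed DNS wire encoding of a dotted name (e.g. 'example.com.')."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def rsa_key_field(modulus_bits, exponent=65537):
    """RFC 3110 public key field: exponent length, exponent, modulus.
    The modulus is a constructed zero placeholder of modulus_bits/8 bytes."""
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    elen = bytes([len(e)]) if len(e) < 256 else b"\x00" + struct.pack("!H", len(e))
    return elen + e + b"\x00" * (modulus_bits // 8)


def ecdsa_key_field(curve_bits):
    """RFC 6605 public key field: x || y of the public point, no 0x04 prefix.
    Constructed zero placeholder; P-256 -> 64 bytes, P-384 -> 96 bytes."""
    return b"\x00" * (2 * (curve_bits // 8))


def dnskey_rdata(flags, algorithm, key_field):
    """DNSKEY RDATA: flags(2), protocol(1, always 3), algorithm(1), public key."""
    return struct.pack("!HBB", flags, 3, algorithm) + key_field


def key_tag(rdata):
    """Key tag over the DNSKEY RDATA, RFC 4034 Appendix B."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def rrsig_rdata(type_covered, algorithm, labels, ttl, expiration, inception,
                tag, signer, sig_len):
    """RRSIG RDATA: 18 fixed bytes, signer name, then a placeholder signature
    of sig_len bytes (RSA: modulus length; ECDSA: r || s, 2 x curve bytes)."""
    head = struct.pack("!HBBIIIH", type_covered, algorithm, labels, ttl,
                       expiration, inception, tag)
    return head + name_to_wire(signer) + b"\x00" * sig_len


def rr_size(owner, rdata):
    """Bytes of one uncompressed resource record carrying rdata."""
    return len(name_to_wire(owner)) + RR_FIXED + len(rdata)


def signed_sizes(ksk_alg, ksk_key, ksk_sig_len, zsk_alg, zsk_key, zsk_sig_len,
                 zone="example.com."):
    """Bytes for (a) the DNSKEY RRset (KSK + ZSK) plus its RRSIG made by the
    KSK and (b) one ZSK RRSIG over an A record at the apex, uncompressed."""
    ksk = dnskey_rdata(KSK_FLAGS, ksk_alg, ksk_key)
    zsk = dnskey_rdata(ZSK_FLAGS, zsk_alg, zsk_key)
    inception = 1327536000                # constructed: 26 Jan 2012 00:00 UTC
    expiration = inception + 30 * 86400   # constructed 30-day validity
    labels = len(name_to_wire(zone)) and zone.rstrip(".").count(".") + 1
    sig_dnskey = rrsig_rdata(TYPE_DNSKEY, ksk_alg, labels, 3600, expiration,
                             inception, key_tag(ksk), zone, ksk_sig_len)
    sig_a = rrsig_rdata(TYPE_A, zsk_alg, labels, 3600, expiration,
                        inception, key_tag(zsk), zone, zsk_sig_len)
    return {
        "dnskey_rrset_with_rrsig": rr_size(zone, ksk) + rr_size(zone, zsk)
                                   + rr_size(zone, sig_dnskey),
        "a_rrsig": rr_size(zone, sig_a),
    }


if __name__ == "__main__":
    rsa = signed_sizes(RSASHA256, rsa_key_field(2048), 256,
                       RSASHA256, rsa_key_field(1024), 128)
    ec = signed_sizes(ECDSAP256SHA256, ecdsa_key_field(256), 64,
                      ECDSAP256SHA256, ecdsa_key_field(256), 64)
    print("RSA-2048 KSK / RSA-1024 ZSK:", rsa)
    print("ECDSA P-256 KSK and ZSK:   ", ec)
```

For this setup the RSA DNSKEY RRset with its signature comes to 756 bytes against 300 for P-256, and a single RRSIG shrinks from 182 to 118 bytes; the saving grows with every RRSIG in a response. Real responses are a little smaller because of name compression, and the RSA figures assume the usual exponent 65537, but the ratio is what matters for staying under the 512-byte and typical EDNS0 limits.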