[Opendnssec-user] Default ZSK sizes

Roland van Rijswijk Roland.vanRijswijk at surfnet.nl
Thu Jan 26 08:10:46 UTC 2012

On 26 jan 2012, at 03:11, Paul Wouters wrote:

> On Wed, 25 Jan 2012, Ondřej Surý wrote:
>> Why sad? I think it's useful to discuss this once in a while.  Also because
>> it looks like (for outsider) that cryptographers are like lawyers.  You ask
>> 5 lawyers about something and you get 7 different opinions :).
> The ones I talk to start laughing once I mention we don't need long
> protection times in the future (eg not encrypting for 20 years). RSA
> 1024 is more then enough, especially if you can roll in a day. They
> thought 2048 was extreme overkill. So I guess its a good margin.
> They also all suggest to use ECC to bring signature sizes down, once
> I explain we care about packet sizes, proving also that cryptographers
> are in fact, not lawyers :)

Seconded, ECC is a good alternative to RSA and should drastically reduce on-the-wire sizes of signatures and DNSKEY sets. And ECC is on the way (but not there yet) for DNSSEC: http://tools.ietf.org/html/draft-ietf-dnsext-ecdsa-04.

Wonder if it will please DJB when ECC is added as algorithm to DNSSEC ;-)



-- Roland M. van Rijswijk
-- SURFnet Middleware Services
-- t: +31-30-2305388
-- e: roland.vanrijswijk at surfnet.nl

More information about the Opendnssec-user mailing list