[144972] in cryptography@c2.net mail archive


Re: Possibly questionable security decisions in DNS root management

daemon@ATHENA.MIT.EDU (William Allen Simpson)
Tue Oct 20 17:00:45 2009

Date: Tue, 20 Oct 2009 09:20:04 -0400
From: William Allen Simpson <william.allen.simpson@gmail.com>
To: cryptography@metzdowd.com
In-Reply-To: <20091019152440.GB892@Sun.COM>

Nicolas Williams wrote:
> Getting DNSSEC deployed with sufficiently large KSKs should be priority #1.
> 
I agree.  Let's get something deployed, as that will lead to testing.


> If 90 days for the 1024-bit ZSKs is too long, that can always be
> reduced, or the ZSK keylength be increased -- we too can squeeze factors
> of 10 from various places.  In the early days of DNSSEC deployment the
> opportunities for causing damage by breaking a ZSK will be relatively
> meager.  We have time to get this right; this issue does not strike me
> as urgent.
> 
One of the things that bothers me with the latest presentation is that
only "dummy" keys will be used.  That makes no sense to me!  We'll have
folks that get used to hitting the "Ignore" key on their browsers....

http://nanog.org/meetings/nanog47/presentations/Lightning/Abley_light_N47.pdf

Thus, I'm not sure we have time to get this right.  We need good keys, so
that user processes can be tested.


> OTOH, will we be able to detect breaks?  A clever attacker will use
> breaks in very subtle ways.  A ZSK break would be bad, but something
> that could be dealt with, *if* we knew it'd happened.  The potential
> difficulty of detecting attacks is probably the best reason for seeking
> stronger keys well ahead of time.
> 
Agreed.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
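The thread above turns on whether the root's 1024-bit ZSKs (and the 90-day rollover) are strong enough, which is only answerable if you can actually see the key sizes in a zone's DNSKEY RRset. The following is an added example, not code from the message or from the root operators: it parses presentation-format DNSKEY records, classifies each as KSK or ZSK from the SEP flag bit (RFC 4034), recovers the RSA modulus length from the RFC 3110 public key encoding, and flags keys below a chosen minimum. The sample zone data is constructed here with a synthetic modulus; no real root keys are used, and the 2048-bit threshold is the editor's assumption, not a figure from the thread.

```python
import base64
import struct

# DNSSEC algorithm numbers whose public key field is an RFC 3110 RSA key
RSA_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}


def rsa_modulus_bits(key_b64):
    """Return the RSA modulus length in bits from RFC 3110 public key data.

    Wire layout: exponent length (1 byte, or 0 followed by a 2-byte length),
    exponent, then the modulus occupying the rest of the field.
    """
    raw = base64.b64decode(key_b64)
    exp_len = raw[0]
    offset = 1
    if exp_len == 0:
        # exponents longer than 255 bytes use a two-byte length
        exp_len = struct.unpack("!H", raw[1:3])[0]
        offset = 3
    modulus = raw[offset + exp_len:]
    return int.from_bytes(modulus, "big").bit_length()


def parse_dnskey(line):
    """Parse one DNSKEY record in zone-file presentation format.

    Accepts "owner [ttl] [class] DNSKEY flags protocol algorithm key...".
    """
    fields = line.split()
    idx = fields.index("DNSKEY")
    flags = int(fields[idx + 1])
    protocol = int(fields[idx + 2])
    algorithm = int(fields[idx + 3])
    key_b64 = "".join(fields[idx + 4:])  # base64 may be split across whitespace
    # Bit 15 (value 1) is the Secure Entry Point flag: set on KSKs (257), clear on ZSKs (256)
    role = "KSK" if flags & 0x0001 else "ZSK"
    bits = rsa_modulus_bits(key_b64) if algorithm in RSA_ALGORITHMS else None
    return {
        "owner": fields[0],
        "flags": flags,
        "protocol": protocol,
        "algorithm": algorithm,
        "role": role,
        "bits": bits,
    }


def audit_dnskeys(lines, min_bits=2048):
    """Parse each DNSKEY line and mark RSA keys shorter than min_bits as weak.

    Non-RSA keys (bits is None) are reported but not judged here.
    """
    findings = []
    for line in lines:
        rec = parse_dnskey(line)
        rec["weak"] = rec["bits"] is not None and rec["bits"] < min_bits
        findings.append(rec)
    return findings


def make_rsa_dnskey(owner, flags, bits, algorithm=8):
    """Build a CONSTRUCTED DNSKEY line with a synthetic modulus of exactly `bits` bits.

    This is test fixture data, not a real key: the modulus is a deterministic
    byte pattern with its top bit set so that its bit length equals `bits`.
    """
    exponent = b"\x01\x00\x01"  # 65537
    n_bytes = bits // 8
    modulus = bytes([0xC0]) + bytes((i * 37 + 11) % 256 for i in range(n_bytes - 1))
    keydata = bytes([len(exponent)]) + exponent + modulus
    return f"{owner} 3600 IN DNSKEY {flags} 3 {algorithm} {base64.b64encode(keydata).decode()}"


# Constructed sample RRset mirroring the sizes discussed in the thread:
# a 2048-bit KSK alongside a 1024-bit ZSK.
SAMPLE_ZONE = [
    make_rsa_dnskey("example.", 257, 2048),
    make_rsa_dnskey("example.", 256, 1024),
]


if __name__ == "__main__":
    for rec in audit_dnskeys(SAMPLE_ZONE):
        status = "WEAK" if rec["weak"] else "ok"
        print(f"{rec['owner']} {rec['role']} alg={rec['algorithm']} bits={rec['bits']} {status}")
```

To run this against live data rather than the constructed fixture, feed it the output of `dig +norec . DNSKEY` (one record per line); the parser ignores the TTL and class tokens, so either `dig` or zone-file output works. The rollover period raised in the thread is not visible in DNSKEY records themselves; it has to be read from the RRSIG inception/expiration times or the operator's published policy.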
