Possibly questionable security decisions in DNS root management

Paul Hoffman paul.hoffman at vpnc.org
Wed Oct 14 20:02:34 EDT 2009


At 7:54 PM -0400 10/14/09, Perry E. Metzger wrote:
>There are enough people here with the right expertise. I'd be interested
>in hearing what people think could be done with a fully custom hardware
>design and a budget in the hundreds of millions of dollars or more.

What part of owning a temporary private key for the root zone would be worth even 10% of that much? There are attacks, and there are motivations. Until we know the latter, we cannot put a price on the former.

Related question: if all the root keys were 2048 bits, who do you think would change the way they rely on DNSSEC?

--Paul Hoffman, Director
--VPN Consortium

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list