Possibly questionable security decisions in DNS root management
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Tue Oct 20 15:10:30 EDT 2009
On Tue, Oct 20, 2009 at 09:20:04AM -0400, William Allen Simpson wrote:
> Nicolas Williams wrote:
> >Getting DNSSEC deployed with sufficiently large KSKs should be priority #1.
> >
> I agree. Let's get something deployed, as that will lead to testing.
>
>
> >If 90 days for the 1024-bit ZSKs is too long, that can always be
> >reduced, or the ZSK keylength be increased -- we too can squeeze factors
> >of 10 from various places. In the early days of DNSSEC deployment the
> >opportunities for causing damage by breaking a ZSK will be relatively
> >meager. We have time to get this right; this issue does not strike me
> >as urgent.
> >
> One of the things that bother me with the latest presentation is that
> only "dummy" keys will be used. That makes no sense to me! We'll have
> folks that get used to hitting the "Ignore" key on their browsers....
>
> http://nanog.org/meetings/nanog47/presentations/Lightning/Abley_light_N47.pdf
the use of dummy keys in the first round is to test things like
key rollover - the inital keys themselves are unable to be validated
and state as much. Anyone who tries validation is -NOT- reading
the key or the deployment plan.
>
> Thus, I'm not sure we have time to get this right. We need good keys, so
> that user processes can be tested.
next phase.
>
>
> >OTOH, will we be able to detect breaks? A clever attacker will use
> >breaks in very subtle ways. A ZSK break would be bad, but something
> >that could be dealt with, *if* we knew it'd happened. The potential
> >difficulty of detecting attacks is probably the best reason for seeking
> >stronger keys well ahead of time.
> >
> Agreed.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list