[dnsext] [Technical Errata Reported] RFC6605 (6341)
RFC Errata System <rfc-editor@rfc-editor.org> Sun, 22 November 2020 09:53 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C933C3A1345 for <dnsext@ietfa.amsl.com>; Sun, 22 Nov 2020 01:53:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cFesDO5L9KpI for <dnsext@ietfa.amsl.com>; Sun, 22 Nov 2020 01:53:34 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4A773A1343 for <dnsext@ietf.org>; Sun, 22 Nov 2020 01:53:34 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 34296F40760; Sun, 22 Nov 2020 01:53:16 -0800 (PST)
To: paul.hoffman@vpnc.org, wouter@nlnetlabs.nl, ek.ietf@gmail.com, evyncke@cisco.com, ogud@ogud.com, ajs@anvilwalrusden.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: m.bencivenga97@gmail.com, dnsext@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20201122095316.34296F40760@rfc-editor.org>
Date: Sun, 22 Nov 2020 01:53:16 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsext/RE7TVOlNwiMj0apVe3ErRXjvtj4>
Subject: [dnsext] [Technical Errata Reported] RFC6605 (6341)
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsext/>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Nov 2020 09:53:36 -0000
The following errata report has been submitted for RFC6605, "Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6341 -------------------------------------- Type: Technical Reported by: Mattia Bencivenga <m.bencivenga97@gmail.com> Section: 1 Original Text ------------- For example, in a signature that uses RSA with 2048-bit keys and SHA-256, the signing portion is significantly weaker than the hash portion, whereas the two algorithms here are balanced. Corrected Text -------------- For example, in a signature that uses RSA with 2048-bit keys and SHA-256, the hash portion is significantly weaker than the signing portion, whereas the two algorithms here are balanced. Notes ----- The signing portion should be RSA with 2048 bits so, the overall security is 1024 bits while the hash portion is SHA-256 that has an overall security of 128 bits. Therefore the hash portion is weaker than the signing portion. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC6605 (draft-ietf-dnsext-ecdsa-07) -------------------------------------- Title : Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC Publication Date : April 2012 Author(s) : P. Hoffman, W.C.A. Wijngaards Category : PROPOSED STANDARD Source : DNS Extensions Area : Internet Stream : IETF Verifying Party : IESG
- [dnsext] [Technical Errata Reported] RFC6605 (634… RFC Errata System
- Re: [dnsext] [Technical Errata Reported] RFC6605 … Paul Hoffman
- Re: [dnsext] [Technical Errata Reported] RFC6605 … Megan Ferguson