Re: [DNSOP] New Version of draft-ietf-dnsop-algorithm-update-00: Algorithm Implementation Requirements and Usage Guidance for DNSSEC
Frederico A C Neves <fneves@registro.br> Fri, 23 March 2018 17:48 UTC
Return-Path: <fneves@registro.br>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA5F2124B17 for <dnsop@ietfa.amsl.com>; Fri, 23 Mar 2018 10:48:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.911
X-Spam-Level:
X-Spam-Status: No, score=-6.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ynedV6fvypJP for <dnsop@ietfa.amsl.com>; Fri, 23 Mar 2018 10:48:15 -0700 (PDT)
Received: from clone.registro.br (clone.registro.br [200.160.2.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56D2F12DA14 for <dnsop@ietf.org>; Fri, 23 Mar 2018 10:48:15 -0700 (PDT)
Received: by clone.registro.br (Postfix, from userid 1000) id 91D4329F199; Fri, 23 Mar 2018 14:48:12 -0300 (BRT)
Date: Fri, 23 Mar 2018 14:48:12 -0300
From: Frederico A C Neves <fneves@registro.br>
To: dnsop@ietf.org
Message-ID: <20180323174812.GT94914@registro.br>
References: <EBE54422-0A97-4B33-BD55-01CACF1F272A@isc.org> <alpine.LRH.2.21.1803221314140.11686@bofh.nohats.ca> <20180323155802.GI3322@mournblade.imrryr.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20180323155802.GI3322@mournblade.imrryr.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/-Q-fhlgJ-tRkif-UshG4t5aRP0U>
Subject: Re: [DNSOP] New Version of draft-ietf-dnsop-algorithm-update-00: Algorithm Implementation Requirements and Usage Guidance for DNSSEC
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Mar 2018 17:48:17 -0000
On Fri, Mar 23, 2018 at 03:58:02PM +0000, Viktor Dukhovni wrote: > On Thu, Mar 22, 2018 at 01:27:38PM -0400, Paul Wouters wrote: > > > I think this text also needs an update: > > > > RSASHA1 and RSASHA1-NSEC3-SHA1 are widely deployed, although zones > > deploying it are recommended to switch to ECDSAP256SHA256 as there is > > an industry-wide trend to move to elliptic curve cryptography. > > > > They should switch away from SHA1 as SHA1 is being deprecated industry > > wide. Even if we recommend to move away from RSA (which I'm not sure if there > > is consensus on) to ECC, I would like to move them to ED25519/ED448 over > > the ECDSA* variants. > > I think it is, unfortunately, much too early for such a move. For > example, on Unix systems the requisite OpenSSL 1.1.x libraries that > provide the Edwards EC algorithms, are not yet out of beta! It > will be some years before Ed25519 and Ed448 can be expected to be > widely supported by resolvers. Therefore, I would still strongly > recommend ECDSA, which is widely supported. > > We should certainly encourage the implementation of Ed25519/Ed448 > in resolver and nameserver implementations, but it is much too > early for adoption, beyond dual DS/KSKs one ECDSA and another > Ed25519, with the client choosing whichever it prefers. ZSKs should > IMHO migrate to ECDSA for now to alleviate packet size issues. This is exactly one of our, .br. reasonings for moving forward to EC now. Talking this conversation to the root, all this rollover hurdles would be much smaller, if any. We could leave with a Double signing for a long time. With ECDSAP256/Ed25519 the keyset would be much smaller than the current one, aparently we're about to roll the zsk, ~ 1/4 of the size. And the signature would be ~ 1/2 of the current single RSA2048 size. Fred
- [DNSOP] New Version of draft-ietf-dnsop-algorithm… Ondřej Surý
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Paul Wouters
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Ondřej Surý
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Frederico A C Neves
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Viktor Dukhovni
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Ondřej Surý
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Frederico A C Neves
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Paul Wouters
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Michael Sinatra
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Ondřej Surý
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Paul Hoffman
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Michael Sinatra
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Paul Hoffman
- Re: [DNSOP] New Version of draft-ietf-dnsop-algor… Michael Sinatra