Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...

"Rose, Scott" <scott.rose@nist.gov> Thu, 27 March 2014 15:17 UTC

From: "Rose, Scott" <scott.rose@nist.gov>
To: Joe Abley <jabley@hopcount.ca>
Thread-Topic: [DNSOP] Whiskey Tango Foxtrot on key lengths...
Thread-Index: AQHPScRYV8RAcMPByEySs1tiofLNvJr0/H4AgAAPMwA=
Date: Thu, 27 Mar 2014 15:17:04 +0000
Message-ID: <69486672-0440-455E-912E-233F00698BC3@nist.gov>
References: <0EA28BE8-E872-46BA-85FD-7333A1E13172@icsi.berkeley.edu> <D9C84C71-1C87-48B3-AFAD-9F9D4AD97649@hopcount.ca>
In-Reply-To: <D9C84C71-1C87-48B3-AFAD-9F9D4AD97649@hopcount.ca>
Accept-Language: en-US
Content-Language: en-US
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/9CjnObYmABThZ8vCXxVzNXmIu5g
Cc: dnsop WG <dnsop@ietf.org>, Nicholas Weaver <nweaver@icsi.berkeley.edu>
Subject: Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>

On Mar 27, 2014, at 10:22 AM, Joe Abley <jabley@hopcount.ca> wrote:

> 
> On 27 Mar 2014, at 22:56, Nicholas Weaver <nweaver@icsi.berkeley.edu> wrote:
> 
>> Bits are not precious:  Until a DNS reply hits the fragmentation limit of ~1500B, size-matters-not (tm, Yoda Inc).  
>> 
>> So why are both root and com and org and, well, just about everyone else using 1024b keys for the actual signing?
> 
> Those requirements (for the root zone keys) came from NTIA via NIST:
> 
> http://www.ntia.doc.gov/files/ntia/publications/dnssec_requirements_102909.pdf (9)(a)(i)
> 
> (well, NIST specified a minimum key size, but the implication at the time was that that was a safe minimum).
> 
Safe enough, but not preferred - it was due to practical concerns at the time. It was set that low (lower than approved for general USG use) mainly because there were unknown devices that had issues with large packet sizes (i.e. keyroll being a problem with low PMTU settings). There are still some issues out there but getting better.

It is likely safe enough now to increase to 2048 for both KSK and ZSK.  Zones are doing this now and haven't seen any horror stories.

Scott



> Bear in mind, I guess, that these keys have a publication lifetime that is relatively short. The window in which a factoring attack has an opportunity to find a result that can be exploited as a compromise is fairly narrow.
> 
> 
> Joe
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

===================================
Scott Rose
NIST
scott.rose@nist.gov
+1 301-975-8439
Google Voice: +1 571-249-3671
http://www.dnsops.gov/
===================================
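Worked example, added here and not part of the message above or of anything the thread's authors posted: the packet-size concern that Nicholas Weaver raises ("until a DNS reply hits the fragmentation limit") and that Scott Rose gives as the reason for the 1024-bit choice ("keyroll being a problem with low PMTU settings") can be checked with a small wire-format model. The Python below estimates the size of a DNSKEY response for a zone with RSA keys, in steady state and at the two points in a rollover where extra keys and signatures are published. The layout constants come from RFC 1035 (message and RR format), RFC 3110 (RSA DNSKEY encoding), RFC 4034 (RRSIG) and RFC 6891 (EDNS OPT); everything else is an assumption of this example: exponent 65537, a 2-byte compression pointer for repeated owner names, an OPT record with no options, the 1472-byte (Ethernet minus IPv4/UDP headers) and 1232-byte limits, and the `zsk_signs_dnskey` switch, since zones differ on whether the ZSK also signs the DNSKEY RRset. The function and scenario names are invented for the example.

```python
"""Estimate DNSKEY response sizes for RSA-signed zones (constructed model)."""

HEADER = 12           # RFC 1035 4.1.1: ID, flags, four counts
RR_FIXED = 10         # TYPE(2) + CLASS(2) + TTL(4) + RDLENGTH(2)
RRSIG_FIXED = 18      # RFC 4034 3.1: covered, alg, labels, TTL, exp, inc, keytag
OPT_RR = 11           # RFC 6891: root owner (1) + RR_FIXED, no options (assumption)
RSA_EXPONENT = 65537  # assumption: 3-byte exponent, 1-byte length prefix (RFC 3110)
ETHERNET_PMTU = 1500 - 20 - 8   # assumption: IPv4 + UDP headers on a 1500-byte link
CONSERVATIVE_EDNS = 1232        # assumption: common "avoid fragmentation" buffer size


def wire_name_len(name: str) -> int:
    """Uncompressed wire length of a dotted name; '.' is a single zero byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return 1 + sum(1 + len(l) for l in labels)


def owner_len(name: str) -> int:
    """Owner name in the answer section: a 2-byte pointer, unless the name is root."""
    return min(2, wire_name_len(name))


def rsa_dnskey_rdata_len(bits: int) -> int:
    """flags(2) + protocol(1) + algorithm(1) + RFC 3110 public key."""
    exp_bytes = (RSA_EXPONENT.bit_length() + 7) // 8
    return 4 + 1 + exp_bytes + bits // 8


def dnskey_rr_len(name: str, bits: int) -> int:
    return owner_len(name) + RR_FIXED + rsa_dnskey_rdata_len(bits)


def rrsig_rr_len(name: str, bits: int) -> int:
    # Signer's name is never compressed (RFC 4034 3.1.7); RSA signature is modulus-sized.
    return owner_len(name) + RR_FIXED + RRSIG_FIXED + wire_name_len(name) + bits // 8


def dnskey_response_len(name: str, key_bits: list, signer_bits: list) -> int:
    """Full UDP payload: header, question, DNSKEY RRs, one RRSIG per signer, OPT."""
    size = HEADER + wire_name_len(name) + 4          # question: QNAME + QTYPE + QCLASS
    size += sum(dnskey_rr_len(name, b) for b in key_bits)
    size += sum(rrsig_rr_len(name, b) for b in signer_bits)
    return size + OPT_RR


def fits(size: int, limit: int) -> bool:
    return size <= limit


def rollover_sizes(name: str, ksk_bits: int, zsk_bits: int,
                   zsk_signs_dnskey: bool = False) -> dict:
    """Response sizes in steady state and at the peak of a KSK or ZSK rollover."""
    extra = [zsk_bits] if zsk_signs_dnskey else []
    return {
        # one KSK, one ZSK
        "steady": dnskey_response_len(name, [ksk_bits, zsk_bits], [ksk_bits] + extra),
        # two KSKs published, both signing the RRset (double-signature rollover)
        "ksk_rollover": dnskey_response_len(name, [ksk_bits, ksk_bits, zsk_bits],
                                            [ksk_bits, ksk_bits] + extra),
        # incoming ZSK pre-published, only the active keys sign
        "zsk_prepublish": dnskey_response_len(name, [ksk_bits, zsk_bits, zsk_bits],
                                              [ksk_bits] + extra),
    }


if __name__ == "__main__":
    for ksk, zsk in ((2048, 1024), (2048, 2048)):
        sizes = rollover_sizes(".", ksk, zsk)
        for scenario, size in sizes.items():
            print(f"root KSK={ksk} ZSK={zsk} {scenario:15s} {size:5d} bytes "
                  f"<=1232: {fits(size, CONSERVATIVE_EDNS)} "
                  f"<=1472: {fits(size, ETHERNET_PMTU)}")
```

Under these assumptions a root-style zone with a 2048-bit KSK and 1024-bit ZSK answers a DNSKEY query in 736 bytes, and moving the ZSK to 2048 bits raises that to 864 bytes, both comfortably under an Ethernet-sized PMTU. The step that matters is the KSK rollover: with both KSKs signing, the 2048/2048 configuration reaches 1425 bytes, which still fits a 1472-byte IPv4/UDP payload but is over the 1232-byte buffer that many resolvers and guides use to stay clear of fragmentation. That is the "keyroll with low PMTU" case in the message above: the steady-state size is not the issue, the transient during the roll is. Change `OPT_RR`, the exponent or the name, and rerun for a different zone.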