IETF Logo Mail Archive

Re: [DNSOP] Key sizes was Re: I-D Action:draft-ietf-dnsop-rfc4641bis-01.txt

Joe Abley <jabley@hopcount.ca> Sat, 25 April 2009 01:45 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F2CC03A6BBE for <dnsop@core3.amsl.com>; Fri, 24 Apr 2009 18:45:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id es5JoGsYCDO7 for <dnsop@core3.amsl.com>; Fri, 24 Apr 2009 18:45:01 -0700 (PDT)
Received: from monster.hopcount.ca (monster.hopcount.ca [199.212.90.4]) by core3.amsl.com (Postfix) with ESMTP id E2A763A6B8E for <dnsop@ietf.org>; Fri, 24 Apr 2009 18:45:00 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=monster; d=hopcount.ca; h=Received:Cc:Message-Id:From:To:In-Reply-To:Content-Type:Content-Transfer-Encoding:Mime-Version:Subject:Date:References:X-Mailer; b=WxeK8PcbCk54ydHrnii4LFMfARQUxE65EWesjQEDGJ7r5OCAgUlDN32IwQBpBNmWhhS7fb2NZaSBCC83Uf/lEMsVNKtwdxldm4XaD+UDT1Q0fyFFrU5fowLzKo7YY5RZ;
Received: from [199.212.90.13] (helo=calamari.hopcount.ca) by monster.hopcount.ca with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from <jabley@hopcount.ca>) id 1LxWy8-000DmM-AG; Sat, 25 Apr 2009 01:46:16 +0000
Message-Id: <90A997B2-4700-479E-9E49-CB84E2FCCBCA@hopcount.ca>
From: Joe Abley <jabley@hopcount.ca>
To: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <p0624087bc618150afc11@[10.20.30.158]>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Fri, 24 Apr 2009 21:46:15 -0400
References: <49EDA81E.2000600@ca.afilias.info> <p06240807c613a658a056@[10.20.30.163]> <49EE276C.5070706@ca.afilias.info> <p06240814c613f23a6960@[10.20.30.163]> <49EEF042.3070109@ca.afilias.info> <alpine.LFD.1.10.0904221147060.7510@newtla.xelerance.com> <49EFA9C3.6090903@ca.afilias.info> <alpine.LFD.1.10.0904231142590.7788@newtla.xelerance.com> <alpine.LFD.1.10.0904241052270.26808@newtla.xelerance.com> <p06240813c61798e7e391@[10.20.30.158]> <20090424174722.GA30229@isc.org> <alpine.LFD.1.10.0904241514300.28588@newtla.xelerance.com> <14F6B497-51D8-4719-B3C2-814A7D20940D@hopcount.ca> <p0624087bc618150afc11@[10.20.30.158]>
X-Mailer: Apple Mail (2.930.3)
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Key sizes was Re: I-D Action:draft-ietf-dnsop-rfc4641bis-01.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Apr 2009 01:45:02 -0000

On 24 Apr 2009, at 21:17, Paul Hoffman wrote:

> At 7:53 PM -0400 4/24/09, Joe Abley wrote:
>> It seems fruitless to debate whether 1024 bits is sufficient if  
>> there's no real cost to just choosing (say) 4096 bits and avoiding  
>> the discussion.
>
> Please read the text: larger keys incur a real cost to people  
> validating.

The text contains the following sentence: "In a standard CPU, it takes  
about four times as long to sign or verify with a 2048-bit key as it  
does with a 1024-bit key." I couldn't find any other discussion of the  
cost to validators of large key sizes.

If there is a practical limit to key size due to concerns about  
peoples' validators running out of steam, then I think it needs to be  
stated clearly. Otherwise as a zone administrator my instinct will be  
to use keys that are as large as possible, since the costs incurred by  
doing so are going to be borne by other people and all I see is  
benefit (in the form of increased comfort level and a better story for  
upper management, even if there is no practical improvement in  
security).

On the flip side, how can the "real cost" for validator-operators that  
you assert be quantified?

I have a hand in running a couple of non-validating resolvers for a  
local ISP. 35,000 customers are served by two machines running BIND  
9.5.x on FreeBSD 7.1, and the CPUs are 96% idle at peak load. That's a  
fair amount of headroom, even ignoring the fact that the ISP in  
question is in the process of replacing each machine with an ECMP/OSPF  
cluster of two machines in order to simplify ad-hoc maintenance.

I'm not arguing about the assertion that there is a limit to what  
validators can tolerate. However, it seems reasonable to ask if it's  
the kind of limit that we need to worry about, and not, the kind of  
limit that is always going to fit in that headroom as validator  
hardware gets upgraded on a typical cycle and DNSSEC deployment  
proceeds over time.


Joe

v2.23.0 | Report a Bug | By Email