Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validation of <2048 keys
Havard Eidnes <he@uninett.no> Mon, 25 April 2022 11:31 UTC
Return-Path: <he@uninett.no>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D44473A17F6 for <dnsop@ietfa.amsl.com>; Mon, 25 Apr 2022 04:31:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=uninett.no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EP6bPhba9AEP for <dnsop@ietfa.amsl.com>; Mon, 25 Apr 2022 04:31:35 -0700 (PDT)
Received: from smistad.uninett.no (smistad.uninett.no [158.38.62.77]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04EF73A1813 for <dnsop@ietf.org>; Mon, 25 Apr 2022 04:31:34 -0700 (PDT)
Received: from smistad.uninett.no (smistad.uninett.no [158.38.62.77]) by smistad.uninett.no (Postfix) with ESMTP id 8878A43F4DB; Mon, 25 Apr 2022 13:31:31 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uninett.no; s=he201803; t=1650886291; bh=mo6+PjZA0nW5IaGcQTX+c7iFMimABLWc5NzqV+jO7+c=; h=Date:To:Cc:Subject:From:In-Reply-To:References:From; b=DTXpJiOWos0nyfn85qUokVcdG0LS8EFsloRST88YBweW0wXEsfY9dU6UAb2CJhN/w hkgUqhkeE25/lgZ7BA6B/7CwWoruScjURiwwYfUVRLMB/12RgQHFIS4SUeWLkPETO2 nsv0SaeFv90lZtR0poqAafWK9JL9E+3uJ+o6nktU=
Date: Mon, 25 Apr 2022 13:31:31 +0200
Message-Id: <20220425.133131.1578289127277189889.he@uninett.no>
To: woody@pch.net
Cc: pemensik@redhat.com, dnsop@ietf.org
From: Havard Eidnes <he@uninett.no>
In-Reply-To: <06915BF1-86CA-4554-B3F5-82CCFFBF78E5@pch.net>
References: <356059e5-e973-3d6c-569c-9ff9d9fe16e6@redhat.com> <06915BF1-86CA-4554-B3F5-82CCFFBF78E5@pch.net>
X-Mailer: Mew version 6.8 on Emacs 26.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/omIWQovLHyKI1OYOau6sgCn71Hw>
Subject: Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validation of <2048 keys
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Apr 2022 11:31:51 -0000
>> On Apr 25, 2022, at 11:20 AM, Petr Menšík <pemensik@redhat.com> wrote: >> I think the only good way would be starting considering shorter keys as >> insecure in FIPS mode. > > Agreed. We've been using 2408-bit ZSKs for more than ten years > now. It's definitely time to sunset acceptance of shorter keys > at this point. Well, as Bjørn Mork said, it's one thing to insist on generating own RSA keypairs with >= 2048 bits or convert to using ECDSA, it's quite another to insist that all the rest of the world do this conversion RIGHT NOW. (And Bjørn mentioned that this may be a mis-interpretation of the FIPS mandate.) My take is that "Some level of security is better than none", and "Who are you to insist on the level of security I want to provide for my zone data?" There's going to be quite a bit of "action" to fix this. .in-addr.arpa zsk = 1024 bit RSA .com zsk = 1280 bit RSA .org zsk = 1024 bit RSA .mil zsk = 1024 bit RSA and I'm guessing that changing at least some of these will take a while, not perhaps first and foremost for technical reasons. I'm also guessing this is going to be a recurring theme throughout the trees fanned out below all of these. Regards, - Håvard
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Petr Menšík
- [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validat… Petr Menšík
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bjørn Mork
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bill Woodcock
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Havard Eidnes
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bill Woodcock
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Paul Wouters
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Petr Menšík