Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
Phillip Hallam-Baker <hallam@gmail.com> Thu, 27 March 2014 15:06 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE5D11A075F for <dnsop@ietfa.amsl.com>; Thu, 27 Mar 2014 08:06:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wtmc5O4Oh97E for <dnsop@ietfa.amsl.com>; Thu, 27 Mar 2014 08:06:02 -0700 (PDT)
Received: from mail-lb0-x235.google.com (mail-lb0-x235.google.com [IPv6:2a00:1450:4010:c04::235]) by ietfa.amsl.com (Postfix) with ESMTP id 587591A0760 for <dnsop@ietf.org>; Thu, 27 Mar 2014 08:06:02 -0700 (PDT)
Received: by mail-lb0-f181.google.com with SMTP id c11so2747340lbj.12 for <dnsop@ietf.org>; Thu, 27 Mar 2014 08:06:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=aluJA80H1OtKC3ISgEdpJn2r6CPPQnzi7QxRvmECL/k=; b=LMsvfXS6xuGw3MHGQtxOSCj4TukvQOF8VEy1lpgx8Hqhntg0R+r1eLvGKW07vhBXUo o9sUXNdV7ah67RBXY7CKrdrS2Tc9gTANMhZ42sB2A22MY2cuHey4nx3XzVYhq7PVZ5CG FtzO1xeAQKiojtjYyNOha75i+dlNYLRuejprxzTTg2tJh/c89MveIofREXDo6ofGJ24m 0qaTkO2axcIjI7inI/wSJiidR6Nrb3yTBlQR+0kXxzI0+hzwozRNJp+P9nO/jxQEUmE1 p8XHbxHyAKZCavg94qRMMvCSTvejvuDI6OGsveByP64i2IFKGaQAkL8KgCjmC/HwCZwP LmuQ==
MIME-Version: 1.0
X-Received: by 10.152.42.230 with SMTP id r6mr1315985lal.32.1395932759871; Thu, 27 Mar 2014 08:05:59 -0700 (PDT)
Received: by 10.112.234.229 with HTTP; Thu, 27 Mar 2014 08:05:59 -0700 (PDT)
In-Reply-To: <4B70E4D6-6750-4E5A-9058-7F94588DEF4C@vpnc.org>
References: <0EA28BE8-E872-46BA-85FD-7333A1E13172@icsi.berkeley.edu> <4B70E4D6-6750-4E5A-9058-7F94588DEF4C@vpnc.org>
Date: Thu, 27 Mar 2014 11:05:59 -0400
Message-ID: <CAMm+LwgvXzDJGVMoueXZzv3WqLpAjP+QNBqVPJDHgZpsuu26nw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: multipart/alternative; boundary="001a11c3678048563504f597ecac"
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/qvxHhIcCXXznVdTZOGJl42-bTiY
Cc: dnsop WG <dnsop@ietf.org>, Nicholas Weaver <nweaver@icsi.berkeley.edu>
Subject: Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Mar 2014 15:06:12 -0000
On Thu, Mar 27, 2014 at 10:52 AM, Paul Hoffman <paul.hoffman@vpnc.org>wrote: > On Mar 27, 2014, at 6:56 AM, Nicholas Weaver <nweaver@ICSI.Berkeley.EDU> > wrote: > > > and 1024B is estimated at only "a thousand times harder". > > Does that estimate include a prediction that the method to factor RSA will > improve significantly as it has in the past? The authors were unclear on > that in their estimate. > > > Do you really want someone like me to try to get an EC2 academic grant > for the cluster and a big slashdot/boingboing crowd for the sieving to > factor the root ZSK? > > Yes. If doing it for the DNS root key is too politically challenging, > maybe do it for one of the 1024-bit trust anchors in the browser root pile. > Failing that, just do it for any 1024-bit key. Successes in the past for > the RSA challenge have gotten movement to happen. > RSA-768 was factored just after that NIST guidance was published. Based on previous history I expect RSA896 to be factored in the near future. In fact it might have been factored already if all the worlds spare CPU cycles were doing something more useful than mining bitcoin. So relying on 1024 bit RSA is really leaving no margin for error. -- Website: http://hallambaker.com/
- [DNSOP] Whiskey Tango Foxtrot on key lengths... Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Joe Abley
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Hoffman
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Rose, Scott
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Stephane Bortzmeyer
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Matthäus Wander
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Christopher Morrow
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Christopher Morrow
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Wouters
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Wouters
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Joe Abley
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Joe Abley
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Bill Woodcock
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Tony Finch
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Colm MacCárthaigh
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Andrew Sullivan
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Tony Finch
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Joe Abley
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Thierry Moreau
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Matthäus Wander
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Joe Abley
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Colm MacCárthaigh
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… S Moonesamy
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Olafur Gudmundsson
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Bill Woodcock
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Jelte Jansen
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Mark Andrews
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Colm MacCárthaigh
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Mark Andrews
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Colm MacCárthaigh
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Olafur Gudmundsson
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Olafur Gudmundsson
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Hoffman
- [DNSOP] CD (Re: Whiskey Tango Foxtrot on key leng… Evan Hunt
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Mark Andrews
- [DNSOP] CD bit (was Re: Whiskey Tango Foxtrot on … Andrew Sullivan
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Olafur Gudmundsson
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Colm MacCárthaigh
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Wouters
- Re: [DNSOP] CD bit (was Re: Whiskey Tango Foxtrot… Mark Andrews
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Nicholas Weaver
- Re: [DNSOP] CD bit (was Re: Whiskey Tango Foxtrot… Andrew Sullivan
- Re: [DNSOP] CD (Re: Whiskey Tango Foxtrot on key … Colm MacCárthaigh
- Re: [DNSOP] CD (Re: Whiskey Tango Foxtrot on key … Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Phillip Hallam-Baker
- [DNSOP] Current DNSOP thread and why 1024 bits Edward Lewis
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Nicholas Weaver
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Stephane Bortzmeyer
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Paul Hoffman
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Paul Hoffman
- [DNSOP] mailing list behavior Re: Current DNSOP t… Suzanne Woolf
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Colm MacCárthaigh
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Paul Wouters
- Re: [DNSOP] Current DNSOP thread and why 1024 bits S Moonesamy
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Paul Hoffman
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Rose, Scott
- Re: [DNSOP] CD (Re: Whiskey Tango Foxtrot on key … Mark Andrews
- Re: [DNSOP] CD (Re: Whiskey Tango Foxtrot on key … Colm MacCárthaigh
- Re: [DNSOP] Current DNSOP thread and why 1024 bits S Moonesamy
- Re: [DNSOP] Current DNSOP thread and why 1024 bits David Conrad
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Paul Wouters
- Re: [DNSOP] Current DNSOP thread and why 1024 bits Ben Laurie
- Re: [DNSOP] Whiskey Tango Foxtrot on key lengths.… Francis Dupont