Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
Phillip Hallam-Baker <hallam@gmail.com> Thu, 27 March 2014 14:58 UTC
In-Reply-To: <D9C84C71-1C87-48B3-AFAD-9F9D4AD97649@hopcount.ca>
References: <0EA28BE8-E872-46BA-85FD-7333A1E13172@icsi.berkeley.edu> <D9C84C71-1C87-48B3-AFAD-9F9D4AD97649@hopcount.ca>
Date: Thu, 27 Mar 2014 10:58:49 -0400
Message-ID: <CAMm+Lwj6jDnnUk_e1t8O9KqjB0XsQRgpODMz8sjCnZayXsbwnw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Joe Abley <jabley@hopcount.ca>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/rUmvNuNLfvblV72HCXbPoxAKSn8
Cc: dnsop WG <dnsop@ietf.org>, Nicholas Weaver <nweaver@icsi.berkeley.edu>
The NIST Guidance is from 2009. It is long since obsolete. This is one of the reasons why we need to take advice on crypto algorithms in house and make them IETF wide. Which is why I was asked to write this:

https://datatracker.ietf.org/doc/draft-hallambaker-consensuscrypto/

Having DNSSEC use 1024 bit RSA when we know it is unsafe sends a really bad message. We are currently phasing out use of 1024 bit crypto in the Web PKI for far less core concerns than the DNS roots.

This is one of the reasons why I am proposing support for multi-packet UDP responses in PRIVATE-DNS. I am not sure that they are necessary. It might well be that 1500 bytes is sufficient for all DNS messages as argued here. But right now we have people making really bad decisions because of a design constraint.

If we are going to encrypt messages that is going to eat up a few bytes in each packet no matter what we do. IPSEC consumes quite a few bytes. Trying to dance round this constraint is not making the protocol any simpler. All it is doing is pushing the complexity balloon down in one place and having bits pop out all over the place.

On Thu, Mar 27, 2014 at 10:22 AM, Joe Abley <jabley@hopcount.ca> wrote:
>
> On 27 Mar 2014, at 22:56, Nicholas Weaver <nweaver@icsi.berkeley.edu> wrote:
>
> > Bits are not precious: Until a DNS reply hits the fragmentation limit of ~1500B, size-matters-not (tm, Yoda Inc).
> >
> > So why are both root and com and org and, well, just about everyone else using 1024b keys for the actual signing?
>
> Those requirements (for the root zone keys) came from NTIA via NIST:
>
> http://www.ntia.doc.gov/files/ntia/publications/dnssec_requirements_102909.pdf (9)(a)(i)
>
> (well, NIST specified a minimum key size, but the implication at the time was that that was a safe minimum).
>
> Bear in mind, I guess, that these keys have a publication lifetime that is relatively short. The window in which a factoring attack has an opportunity to find a result that can be exploited as a compromise is fairly narrow.
>
>
> Joe
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>

--
Website: http://hallambaker.com/
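The size argument in the exchange above (response size only matters once a reply approaches the ~1500-byte fragmentation limit) can be checked arithmetically rather than argued. The following is an added example, not code from the thread or from any of its participants: it computes the wire size of an EDNS response to a DNSKEY query, and of an ordinary signed answer, from the framing in RFC 1035 (header, names, RR fields), RFC 3110 (RSA key data), RFC 4034 (DNSKEY and RRSIG RDATA) and RFC 6891 (OPT record), and compares the result against what fits an Ethernet frame without IP fragmentation. The key sets it evaluates (KSK and ZSK sizes, rollover states, the `example.com` answer) are constructed scenarios for illustration, not measurements of any real zone; the IPv4/IPv6 UDP overheads are the standard 28 and 48 bytes.

```python
"""Estimate DNSSEC UDP response sizes against the ~1500-byte fragmentation limit.

Added example; not part of the original thread. The scenarios at the bottom
are constructed for illustration (RSA exponent 65537, one RRSIG per KSK,
no NSEC/NSEC3 records, no EDNS options).
"""

DNS_HEADER = 12          # RFC 1035 4.1.1: ID, flags, four counts
RR_FIXED = 10            # TYPE(2) CLASS(2) TTL(4) RDLENGTH(2), excluding the owner name
OPT_RR = 11              # RFC 6891 OPT RR with root owner name and no options
RSA_EXPONENT = 65537     # 3 bytes on the wire, after a 1-byte length prefix (RFC 3110)

ETHERNET_MTU = 1500
IPV4_UDP_OVERHEAD = 20 + 8   # IPv4 header + UDP header
IPV6_UDP_OVERHEAD = 40 + 8   # IPv6 header + UDP header


def name_wire_len(name: str) -> int:
    """Uncompressed wire length of a presentation-format name ("." -> 1 byte)."""
    labels = [label for label in name.strip(".").split(".") if label]
    return sum(1 + len(label) for label in labels) + 1  # +1 for the root terminator


def owner_len(name: str) -> int:
    """Owner-name length once the name already appears in the message (2-byte pointer)."""
    return min(name_wire_len(name), 2)


def rsa_dnskey_rdata_len(bits: int) -> int:
    """DNSKEY RDATA: flags(2) protocol(1) algorithm(1) + exp-len(1) + exponent + modulus."""
    exponent_bytes = (RSA_EXPONENT.bit_length() + 7) // 8
    return 4 + 1 + exponent_bytes + bits // 8


def rrsig_rdata_len(signer: str, bits: int) -> int:
    """RRSIG RDATA: 18 fixed bytes + uncompressed signer name + RSA signature (modulus size)."""
    return 18 + name_wire_len(signer) + bits // 8


def dnskey_response_len(zone: str, key_bits: list, signer_bits: list) -> int:
    """Bytes in an EDNS response to `zone DNSKEY` carrying all keys and one RRSIG per signing KSK."""
    size = DNS_HEADER + name_wire_len(zone) + 4 + OPT_RR  # header, question (name+type+class), OPT
    for bits in key_bits:
        size += owner_len(zone) + RR_FIXED + rsa_dnskey_rdata_len(bits)
    for bits in signer_bits:
        size += owner_len(zone) + RR_FIXED + rrsig_rdata_len(zone, bits)
    return size


def signed_answer_len(zone: str, owner: str, rdata_lens: list, zsk_bits: int) -> int:
    """Bytes in an EDNS response carrying an ordinary RRset plus its single ZSK signature."""
    size = DNS_HEADER + name_wire_len(owner) + 4 + OPT_RR
    for rdata_len in rdata_lens:
        size += owner_len(owner) + RR_FIXED + rdata_len
    size += owner_len(owner) + RR_FIXED + rrsig_rdata_len(zone, zsk_bits)
    return size


def max_unfragmented_payload(ipv6: bool = False) -> int:
    """Largest DNS payload that fits one Ethernet frame without IP fragmentation."""
    return ETHERNET_MTU - (IPV6_UDP_OVERHEAD if ipv6 else IPV4_UDP_OVERHEAD)


def fits(size: int) -> bool:
    """True when the payload avoids fragmentation on both IPv4 and IPv6."""
    return size <= max_unfragmented_payload(ipv6=True)


if __name__ == "__main__":
    # Constructed scenarios for the root zone (owner name "."): the first is the
    # steady state, the rest are rollover states, with every key length varied.
    scenarios = {
        "KSK 2048 + ZSK 1024":                    ([2048, 1024], [2048]),
        "KSK 2048 + 2x ZSK 1024 (ZSK rollover)":  ([2048, 1024, 1024], [2048]),
        "KSK 2048 + ZSK 2048":                    ([2048, 2048], [2048]),
        "KSK 2048 + 2x ZSK 2048 (ZSK rollover)":  ([2048, 2048, 2048], [2048]),
        "2x KSK 2048 + 2x ZSK 2048 (both rolling)": ([2048, 2048, 2048, 2048], [2048, 2048]),
    }
    for label, (keys, signers) in scenarios.items():
        size = dnskey_response_len(".", keys, signers)
        print(f"{label:42s} {size:5d} bytes  {'fits' if fits(size) else 'FRAGMENTS'}")
    # An ordinary signed A answer: the ZSK size shows up in every signed reply.
    for zsk in (1024, 2048):
        size = signed_answer_len("example.com.", "www.example.com.", [4], zsk)
        print(f"www.example.com A + RRSIG, ZSK {zsk}: {size} bytes")
```

The point the numbers make is that a ZSK of 2048 bits barely moves an ordinary signed answer, and even a DNSKEY set with a 2048-bit ZSK stays well under the limit; it is the double-rollover DNSKEY set that crosses it, which is exactly the state a signing policy and its monitoring should be checked against (for example, flag responses above `max_unfragmented_payload(ipv6=True)` on the authoritative side rather than discovering the fragmentation at resolvers).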