On 1/27/2015 2:00 PM, Viktor Dukhovni wrote:
Are you recommending rolling the ZSKs every 7 days, or are you talking about something else?
NO. I'm recommending signature lifetimes of ~7 days for sites with the operational capacity to keep everything current on a tight schedule. This way, signatures of stale records expire quickly.
I am still not quite sure what you mean. I have a sneaky feeling that we are talking about two different things. My DNSKEYs have a life of about 60 days, which is what I thought you were talking about.
However, if I look a little closer I see that my RRSIG has a life of about 30 days. I don't remember specifying any times when I signed my zones, plus I am now using inline signing. I think I had better find out how to specify these values for inline.
Overkill IMHO. Since the root zone signature is 2048 bits, anything stronger is just a waste of bandwidth and risks interoperability problems. In a decade from now, perhaps we'll have interoperable options based on soon to be defined best-practice ECC curves.
For now RSA-2048 is about as strong as you can reasonably get, and likely strong enough.
Given the length of root signatures, I have to agree that 2048 is it.
There is AFAIK no public evidence of practical key recovery attacks on RSA-1024, when properly seeded. Practical attacks on 2048-bit RSA seem rather unlikely at present.
That's the problem with cryptography. Nobody is going to tell you that they have broken your codes, you only find out when something unexpected or unpleasant happens.
Take care.
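As an added example, not part of this thread and not code written by any of its participants: the two things the exchange above argues about, RRSIG validity windows (the ~7 day vs ~30 day lifetimes) and RSA key sizes, can both be read straight off `dig`-style presentation records. The script below parses constructed sample records for a placeholder zone (`example.test.`, made-up key tag and timestamps, synthetic RSA public keys built in RFC 3110 wire layout) and flags signatures whose lifetime exceeds a chosen limit, signatures that have already expired, and RSA DNSKEYs below a chosen modulus size. The thresholds and the zone data are assumptions for the example.

```python
"""Audit RRSIG lifetimes and RSA DNSKEY sizes from dig-style records (added example)."""
import base64
from datetime import datetime, timezone

# Constructed RSA public keys in RFC 3110 layout: 1-byte exponent length,
# exponent (65537), then the modulus with its top bit set. Not real keys.
RSA_2048_KEY = base64.b64encode(bytes([3]) + b"\x01\x00\x01" + b"\x80" + b"\x00" * 255).decode()
RSA_1024_KEY = base64.b64encode(bytes([3]) + b"\x01\x00\x01" + b"\x80" + b"\x00" * 127).decode()

# Constructed sample records for a placeholder zone. RRSIG rdata order is:
# type-covered alg labels orig-ttl expiration inception key-tag signer signature
SAMPLE_RECORDS = f"""\
example.test. 3600 IN RRSIG A 8 2 3600 20150226120000 20150127120000 12345 example.test. c2lnMQ==
example.test. 3600 IN RRSIG SOA 8 2 3600 20150203120000 20150127120000 12345 example.test. c2lnMg==
example.test. 3600 IN DNSKEY 256 3 8 {RSA_2048_KEY}
example.test. 3600 IN DNSKEY 257 3 8 {RSA_1024_KEY}
"""

# The "current time" used when the sample is audited (constructed).
SAMPLE_NOW = datetime(2015, 1, 28, tzinfo=timezone.utc)

# DNSSEC algorithm numbers whose public key is an RSA modulus.
RSA_ALGORITHMS = {1, 5, 7, 8, 10}


def parse_dnssec_time(text):
    """RRSIG timestamps are YYYYMMDDHHMMSS in UTC."""
    return datetime.strptime(text, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)


def parse_rrsig(rdata):
    """rdata: the whitespace-split tokens after the RRSIG type field."""
    return {
        "type_covered": rdata[0],
        "algorithm": int(rdata[1]),
        "expiration": parse_dnssec_time(rdata[4]),
        "inception": parse_dnssec_time(rdata[5]),
        "key_tag": int(rdata[6]),
        "signer": rdata[7],
    }


def rsa_modulus_bits(dnskey_b64):
    """Size in bits of the modulus inside an RFC 3110 RSA DNSKEY public key."""
    raw = base64.b64decode(dnskey_b64)
    # Exponent length is one byte, or a zero byte followed by a 2-byte length.
    if raw[0] != 0:
        exp_len, offset = raw[0], 1
    else:
        exp_len, offset = int.from_bytes(raw[1:3], "big"), 3
    modulus = raw[offset + exp_len:]
    return int.from_bytes(modulus, "big").bit_length()


def audit(records, now, max_sig_days=7, min_rsa_bits=2048):
    """Return a list of findings as tuples: (kind, owner, detail, value)."""
    findings = []
    for line in records.splitlines():
        tok = line.split()
        if len(tok) < 5 or tok[2] != "IN":
            continue
        owner, rtype, rdata = tok[0], tok[3], tok[4:]
        if rtype == "RRSIG":
            sig = parse_rrsig(rdata)
            lifetime_days = (sig["expiration"] - sig["inception"]).days
            if now > sig["expiration"]:
                findings.append(("rrsig-expired", owner, sig["type_covered"], lifetime_days))
            elif lifetime_days > max_sig_days:
                findings.append(("rrsig-lifetime", owner, sig["type_covered"], lifetime_days))
        elif rtype == "DNSKEY":
            flags, algorithm, key = int(rdata[0]), int(rdata[2]), rdata[3]
            if algorithm in RSA_ALGORITHMS:
                bits = rsa_modulus_bits(key)
                if bits < min_rsa_bits:
                    findings.append(("rsa-key-size", owner, flags, bits))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_RECORDS, SAMPLE_NOW):
        print(finding)
```

Run against the sample with the 7 day limit from the reply above, the 30 day A-record signature and the 1024-bit key with flags 257 (the KSK) are reported, while the 7 day SOA signature and the 2048-bit ZSK pass. For a BIND zone with inline signing, the RRSIG validity window is controlled by the `sig-validity-interval` option, whose default is 30 days, which matches the lifetime observed in the reply.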