[dns-operations] suggested DNSKEY type

Viktor Dukhovni ietf-dane at dukhovni.org
Tue Mar 27 15:02:48 UTC 2018


On Tue, Mar 27, 2018 at 12:22:49PM +0200, A. Schulze wrote:

> I've some zones signed with DNSSEC Key type 10 (RSASHA512)
> I like to change the key type and would like to ask about the `better` choice:
> 
>  - type 8  / RSASHA256
>  - type 13 / ECDSAP256SHA256

Use type 13; any system bleeding-edge enough to support DANE will
also support ECDSA for DNSSEC, and there is in any case already
widespread support for it.  The most significant benefit is smaller
DNS packet sizes, which avoid potential issues with UDP fragmentation.

If you do choose RSA, I'd recommend a 2048-bit KSK and a 1280-bit
ZSK.

On Tue, Mar 27, 2018 at 03:28:33PM +0200, A. Schulze wrote:

> I would prefer ECDSAP256SHA256 because smaller response size.
> But how many users will get lost because their resolver doesn't support ECDSAP256SHA256?
> What about MTAs that no longer deliver email messages to my MX because DANE fails?

As explained in another response that won't happen.  Worst case some
rather unusual MTA will use opportunistic TLS instead.

> Do other DNS operators have experiences?

Here are the DNSKEY RR algorithm frequencies from the DANE survey of
5.3 million domains:

      count  | alg
    ---------+-----
     6555386 |   8
     3823984 |   7
     1331242 |  13
      261719 |   5
       89726 |  14
       65592 |  10
        2315 |   3
          37 |   6
          36 |  12
          10 |  15

The top 3 choices are all sufficiently mainstream, but algorithm
10 is also a reasonable choice.  If you do choose RSA, go with a
1536-bit or 2048-bit KSK and a 1280-bit ZSK to keep packet sizes
more modest.  Some crypto maximalists might make noises at you,
but these are fine choices.

-- 
	Viktor.
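To put numbers on the packet-size argument above, here is an added example (not from the list post) that estimates DNSKEY response sizes for RSA 2048/1280 versus ECDSAP256SHA256 using the RDATA layouts from RFC 4034, RFC 3110 and RFC 6605; the zone name "example.com." and the 1232-byte EDNS buffer threshold are assumptions for illustration.

```python
"""Estimate DNSSEC wire sizes for the algorithm choices discussed above.

Added example; not from the list post.  DNSKEY and RRSIG layouts follow
RFC 4034, RSA public keys RFC 3110, ECDSA P-256 keys/signatures RFC 6605.
Sizes ignore DNS name compression, so they are slight upper bounds.
"""

RSA_ALGS = {5, 7, 8, 10}      # RSASHA1, RSASHA1-NSEC3, RSASHA256, RSASHA512
ECDSAP256SHA256 = 13
EDNS_SAFE_BUFFER = 1232       # assumed threshold: widely recommended EDNS size


def wire_name_len(name: str) -> int:
    """Uncompressed wire length of a DNS name such as 'example.com.'."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1  # +1 for the root label


def dnskey_rdata_len(alg: int, bits: int = 0) -> int:
    """flags(2) + protocol(1) + algorithm(1) + public key."""
    if alg in RSA_ALGS:
        # RFC 3110: 1 length byte, 3-byte exponent (65537), then the modulus
        return 4 + 1 + 3 + bits // 8
    if alg == ECDSAP256SHA256:
        return 4 + 64                    # uncompressed x||y, RFC 6605
    raise ValueError(f"algorithm {alg} not modelled")


def rrsig_rdata_len(alg: int, bits: int, signer: str) -> int:
    """18 fixed bytes + signer name + signature (RSA: modulus size; P-256: r||s)."""
    sig = bits // 8 if alg in RSA_ALGS else 64
    return 18 + wire_name_len(signer) + sig


def dnskey_response_len(alg: int, ksk_bits: int, zsk_bits: int, zone: str) -> int:
    """Approximate DNSKEY query response: header, question, KSK + ZSK
    DNSKEY records, one RRSIG made with the KSK, and an 11-byte OPT RR."""
    owner = wire_name_len(zone)
    rr_fixed = owner + 10                # type, class, TTL, RDLENGTH
    rrs = [dnskey_rdata_len(alg, ksk_bits),
           dnskey_rdata_len(alg, zsk_bits),
           rrsig_rdata_len(alg, ksk_bits, zone)]
    header, question, opt = 12, owner + 4, 11
    return header + question + opt + sum(rr_fixed + r for r in rrs)


if __name__ == "__main__":
    for label, alg, ksk, zsk in (("RSA 2048/1280", 8, 2048, 1280),
                                 ("ECDSA P-256", 13, 256, 256)):
        size = dnskey_response_len(alg, ksk, zsk, "example.com.")
        fit = "fits" if size <= EDNS_SAFE_BUFFER else "exceeds"
        print(f"{label:14s} DNSKEY response ~{size:4d} bytes ({fit} {EDNS_SAFE_BUFFER})")
```

The same helpers give the per-answer RRSIG cost the ZSK adds to every signed response, which is where the ECDSA saving is felt most.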
