[dns-operations] suggested DNSKEY type
A. Schulze
sca at andreasschulze.de
Tue Mar 27 15:29:48 UTC 2018
Hello Viktor,
thanks for the detailed response.
I think I follow your suggestion and my preference: ECDSAP256SHA256
Andreas
On 27.03.2018 at 17:02, Viktor Dukhovni wrote:
> On Tue, Mar 27, 2018 at 12:22:49PM +0200, A. Schulze wrote:
>
>> I have some zones signed with DNSSEC key type 10 (RSASHA512).
>> I'd like to change the key type and would like to ask about the `better` choice:
>>
>> - type 8 / RSASHA256
>> - type 13 / ECDSAP256SHA256
>
> Use type 13, any system bleeding-edge enough to support DANE, will
> also support ECDSA for DNSSEC, and there is in any case already
> widespread support for it. The most significant benefit is smaller
> DNS packet sizes, which avoid potential issues with UDP fragmentation.
>
> If you do choose RSA, I'd recommend a 2048-bit KSK and a 1280-bit
> ZSK.
>
> On Tue, Mar 27, 2018 at 03:28:33PM +0200, A. Schulze wrote:
>
>> I would prefer ECDSAP256SHA256 because of the smaller response size.
>> But how many users will get lost because their resolvers don't support ECDSAP256SHA256?
>> What about MTAs that no longer deliver email messages to my MX because DANE fails?
>
> As explained in another response that won't happen. Worst case some
> rather unusual MTA will use opportunistic TLS instead.
>
>> Do other DNS operators have experiences with this?
>
> Here are the DNSKEY RR algorithm frequencies from the DANE survey of
> 5.3 million domains:
>
>    count | alg
>  --------+-----
>  6555386 | 8
>  3823984 | 7
>  1331242 | 13
>   261719 | 5
>    89726 | 14
>    65592 | 10
>     2315 | 3
>       37 | 6
>       36 | 12
>       10 | 15
>
> The top 3 choices are all sufficiently mainstream, but algorithm
> 10 is also a reasonable choice. If you do choose RSA, go with a
> 1536-bit or 2048-bit KSK and a 1280-bit ZSK to keep packet sizes
> more modest. Some crypto maximalists might make noises at you,
> but these are fine choices.
>
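The packet-size argument in the quoted reply can be checked with numbers. The script below is an added example, not code from this thread or from any DNSSEC signer; it builds the RFC 4034 wire format of DNSKEY and RRSIG RDATA with zero-filled key and signature bytes of the correct length and sums up the size of a `DNSKEY` query response for the key configurations discussed (RSA 2048-bit KSK with 1280-bit ZSK versus algorithm 13), plus a double-rollover scenario that goes beyond the thread. The zone name `example.com.`, the 3600 s TTL, the assumption that only the KSK(s) sign the DNSKEY RRset, and the rollover scenarios are assumptions for illustration.

```python
"""Size model for DNSKEY responses under RSA and ECDSA P-256 (algorithm 13).

Added example, not from the dns-operations thread.  Key and signature
bytes are placeholders of the right length; only sizes are computed.
Zone name, TTL and the rollover scenarios are assumptions.
"""

RSA_ALGS = {5, 7, 8, 10}    # RSASHA1, RSASHA1-NSEC3-SHA1, RSASHA256, RSASHA512
ECDSA_P256 = 13             # ECDSAP256SHA256 (RFC 6605)
DNSKEY_TYPE = 48
EDNS_SAFE_SIZE = 1232       # default EDNS buffer size agreed for DNS flag day 2020


def wire_name(name: str) -> bytes:
    """Uncompressed wire form of a domain name (RFC 1035 section 3.1)."""
    labels = [lbl for lbl in name.rstrip(".").split(".") if lbl]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def label_count(name: str) -> int:
    return len([lbl for lbl in name.rstrip(".").split(".") if lbl])


def dnskey_rdata(flags: int, alg: int, keybits: int) -> bytes:
    """DNSKEY RDATA (RFC 4034 section 2.1): flags(2) protocol(1) alg(1) key."""
    if alg in RSA_ALGS:
        # RFC 3110: exponent length byte, exponent (65537), then modulus.
        exponent = (65537).to_bytes(3, "big")
        pubkey = bytes([len(exponent)]) + exponent + bytes(keybits // 8)
    elif alg == ECDSA_P256:
        if keybits != 256:
            raise ValueError("algorithm 13 is fixed to the P-256 curve")
        pubkey = bytes(64)          # Q.x || Q.y, no SEC1 prefix byte (RFC 6605)
    else:
        raise ValueError(f"algorithm {alg} is not modelled")
    return flags.to_bytes(2, "big") + b"\x03" + bytes([alg]) + pubkey


def rrsig_rdata(alg: int, keybits: int, signer: str) -> bytes:
    """RRSIG RDATA (RFC 4034 section 3.1) over DNSKEY, placeholder signature."""
    siglen = 64 if alg == ECDSA_P256 else keybits // 8   # RSA sig = modulus size
    header = (
        DNSKEY_TYPE.to_bytes(2, "big")     # type covered
        + bytes([alg, label_count(signer)])
        + (3600).to_bytes(4, "big")        # original TTL (assumed)
        + bytes(4) + bytes(4)              # expiration, inception (placeholders)
        + bytes(2)                         # key tag (placeholder)
    )
    return header + wire_name(signer) + bytes(siglen)


def dnskey_response_size(zone, keys, signing_keys) -> int:
    """UDP payload size of a 'zone DNSKEY' answer with an EDNS(0) OPT record.

    keys:         iterable of (flags, alg, keybits) DNSKEY records in the RRset
    signing_keys: iterable of (alg, keybits), one RRSIG per entry
    Owner names in the answer section are 2-byte compression pointers to QNAME.
    """
    size = 12 + len(wire_name(zone)) + 4        # header + question (QTYPE, QCLASS)
    rr_overhead = 2 + 2 + 2 + 4 + 2             # name ptr, TYPE, CLASS, TTL, RDLENGTH
    for flags, alg, bits in keys:
        size += rr_overhead + len(dnskey_rdata(flags, alg, bits))
    for alg, bits in signing_keys:
        size += rr_overhead + len(rrsig_rdata(alg, bits, zone))
    return size + 11                            # OPT pseudo-RR with empty RDATA


def compare(zone: str = "example.com.") -> dict:
    """Scenarios from the thread plus an assumed double-rollover worst case."""
    ksk, zsk = 257, 256
    return {
        "ecdsa13 KSK+ZSK":
            dnskey_response_size(zone, [(ksk, 13, 256), (zsk, 13, 256)], [(13, 256)]),
        "rsa8 2048 KSK + 1280 ZSK":
            dnskey_response_size(zone, [(ksk, 8, 2048), (zsk, 8, 1280)], [(8, 2048)]),
        "ecdsa13 KSK+ZSK rollover (2+2 keys, 2 sigs)":
            dnskey_response_size(zone, [(ksk, 13, 256)] * 2 + [(zsk, 13, 256)] * 2,
                                 [(13, 256)] * 2),
        "rsa8 2048/2048 rollover (2+2 keys, 2 sigs)":
            dnskey_response_size(zone, [(ksk, 8, 2048)] * 2 + [(zsk, 8, 2048)] * 2,
                                 [(8, 2048)] * 2),
    }


if __name__ == "__main__":
    for label, size in compare().items():
        flag = "" if size <= EDNS_SAFE_SIZE else "  <-- exceeds 1232-byte EDNS size"
        print(f"{size:5d} bytes  {label}{flag}")
```

The practitioner's check is the last column: a response larger than the 1232-byte EDNS buffer most resolvers advertise today is liable to be fragmented or to force TCP fallback, and the RSA double-rollover case lands there while the algorithm 13 equivalent stays under half of it.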