[dns-operations] Aging TLD RSA DNSKEYs...

Viktor Dukhovni ietf-dane at dukhovni.org
Sun Jan 20 21:54:08 UTC 2019

Some TLDs have RSA ZSKs and KSKs that have gone unchanged since I
first started capturing (hoarding) DNSKEY data on 2017-10-19.

The total number of ZSKs not yet seen to have rolled is 798.
The total number of KSKs not yet seen to have rolled is 1178.

The attached tables, one for ZSKs and a second for KSKs, show for
each TLD the first observed date of the oldest extant key of each
RSA bit length, sorted oldest to newest, then by RSA bit size, and
finally by TLD name.

It would be great if the operators of TLDs with 1024-bit ZSKs that
are unchanged since 2017-10-19 or earlier would consider rolling
over to new keys, and perhaps also switch to 1280-bit RSA keys, or
ECDSA P-256 (algorithm 13).  The TLDs in question are:

    aaa able accountant americanexpress amex analytics athleta
    audible author aws ax az baby banamex bananarepublic baseball
    best bg bible bid book booking bot buzz bw by ca call capetown
    cartier cbn ceo chase chintai circle cisco citadel citi coupon
    cricket date deal dealer dell deloitte discover download duns
    dupont durban earth ee faith farmers fast ferrero fi fire flickr
    fo ford fox free frl ftr gap gent got gr grainger gucci health
    homegoods homesense honeywell hot hotels hr hsbc hyatt ieee
    imdb intel intuit jmp jnj joburg jot joy jpmorgan kinder kindle
    kiwi kpmg kpn kred like lilly lincoln lk loan marshalls mint
    mlb mm moe moi mtr mutual na nfl now nyc office oldnavy open
    osaka party pay pharmacy piaget pin ping praxi prime qpon qvc
    racing read review rocher room safe safety samsung sas save
    science secure sfr silk skype smile song spot statefarm stream
    swiftcover sx taipei talk tdk tel teva tjmaxx tjx tkmaxx trade
    tube tunes tushu uk uno vivo vu vuelos wanggou watches weather
    weatherchannel webcam whoswho wien win winners wow ws xn--1ck2e1b
    xn--1qqw23a xn--55qx5d xn--bck1b9a5dre4c xn--cck2b3b xn--cg4bki
    xn--eckvdtc9d xn--fct429k xn--g2xx48c xn--gckr3f0f xn--gk3at1e
    xn--io0a7i xn--jvr189m xn--kpu716f xn--l1acc xn--pbt977c
    xn--rovu88b xn--wgbh1c yahoo yamaxun yandex you za zappos zero

One might also consider now and then rotating even 1280-bit or
better RSA keys. :-)

Of special interest are perhaps the 19 ccTLDs with aged extant
1024-bit keys:

    ax az bg bw by ca ee fi fo gr hr lk mm na sx uk vu ws za

The KSK story looks much better.  The sole 1024-bit key was rotated
just this month.  Of the KSKs not yet observed to have been rotated,
only 5 are 1280-bit keys; the rest are 2048 bits or, in 12 cases,
4096 bits (perhaps too big to be operationally sound).

It is less clear that keeping 2048-bit keys around for more than a
year is problematic; 2048-bit Web PKI certificates are not infrequently
issued for 2 or 3 years, and the root CAs last a decade or two.  So
KSK rotation for 2048-bit keys is perhaps more a matter of maintaining
operational discipline (having working procedures that are exercised
regularly) than a security imperative.

Attachments:
  zskage.txt.gz (application/gzip, 10185 bytes)
    <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190120/9d55001b/attachment.gz>
  kskage.txt.gz (application/gzip, 8737 bytes)
    <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190120/9d55001b/attachment-0001.gz>
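The survey behind this post rests on a few attributes read off each TLD's DNSKEY RRset: whether a key is a ZSK or a KSK (from the flags field), its algorithm number, the size of an RSA modulus, and an identity stable enough to tell whether the same key is still there on a later date. The code below is an added example written for this page, not code from the post or its author. It parses DNSKEY RDATA in the presentation form dig prints, derives the role from the Zone Key and SEP flag bits, the RSA modulus size from the RFC 3110 exponent-length prefix, and the RFC 4034 Appendix B key tag, and then diffs two snapshots of a hypothetical TLD's RRset to list 1024-bit RSA ZSKs that have not rolled. All key material is constructed placeholder bytes (a modulus of the form 2^(n-1)+1, a zero-filled P-256 point), chosen only to have the right lengths; the snapshot dates and the TLD are assumed.

```python
"""Classify DNSKEY records (role, algorithm, RSA size, key tag) and report which
keys in a zone's DNSKEY RRset have not rolled between two snapshots."""
import base64
import struct
from dataclasses import dataclass

ALGORITHM_NAMES = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512",
                   13: "ECDSAP256SHA256", 14: "ECDSAP384SHA384", 15: "ED25519", 16: "ED448"}
RSA_ALGORITHMS = {5, 7, 8, 10}


@dataclass(frozen=True)
class DNSKEY:
    flags: int
    protocol: int
    algorithm: int
    public_key: bytes

    @classmethod
    def from_presentation(cls, rdata_text):
        """Parse DNSKEY RDATA as dig prints it, e.g. '256 3 8 AQPS...'; parentheses
        and line breaks inside the base64 are tolerated."""
        fields = rdata_text.replace("(", " ").replace(")", " ").split()
        flags, protocol, algorithm = (int(f) for f in fields[:3])
        return cls(flags, protocol, algorithm, base64.b64decode("".join(fields[3:])))

    def rdata(self):
        return struct.pack("!HBB", self.flags, self.protocol, self.algorithm) + self.public_key

    def key_tag(self):
        """RFC 4034 Appendix B key tag (the algorithm-1 special case is not handled)."""
        ac = 0
        for i, b in enumerate(self.rdata()):
            ac += b if i & 1 else b << 8
        ac += (ac >> 16) & 0xFFFF
        return ac & 0xFFFF

    def role(self):
        """Flag value 256 is the Zone Key bit; flag value 1 is SEP, which operators
        set on KSKs by convention (RFC 4034 section 2.1.1)."""
        if not self.flags & 0x0100:
            return "not-a-zone-key"
        return "KSK" if self.flags & 0x0001 else "ZSK"

    def rsa_bits(self):
        """Modulus size for RSA algorithms, None otherwise. Per RFC 3110 the key field
        starts with a 1-byte exponent length, or 0x00 followed by a 2-byte length."""
        if self.algorithm not in RSA_ALGORITHMS:
            return None
        exp_len, offset = self.public_key[0], 1
        if exp_len == 0:
            exp_len, offset = struct.unpack("!H", self.public_key[1:3])[0], 3
        return int.from_bytes(self.public_key[offset + exp_len:], "big").bit_length()


def describe(key):
    name = ALGORITHM_NAMES.get(key.algorithm, "alg%d" % key.algorithm)
    return f"{key.role()} tag={key.key_tag()} alg={key.algorithm}/{name} rsa_bits={key.rsa_bits()}"


def rollover_report(old_records, new_records):
    """Keys present in both snapshots have not rolled; the rest are new or retired."""
    old = {DNSKEY.from_presentation(r) for r in old_records}
    new = {DNSKEY.from_presentation(r) for r in new_records}
    return {"unrolled": sorted(old & new, key=DNSKEY.key_tag),
            "new": sorted(new - old, key=DNSKEY.key_tag),
            "retired": sorted(old - new, key=DNSKEY.key_tag)}


def aged_weak_zsks(old_records, new_records, max_bits=1024):
    """RSA ZSKs of at most max_bits that are unchanged across both snapshots."""
    return [k for k in rollover_report(old_records, new_records)["unrolled"]
            if k.role() == "ZSK" and k.rsa_bits() is not None and k.rsa_bits() <= max_bits]


def constructed_rsa_public_key(bits, exponent=65537):
    """RFC 3110 key field with a placeholder modulus of exactly `bits` bits (not a real key)."""
    exp = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    modulus = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    return bytes([len(exp)]) + exp + modulus


def constructed_p256_public_key():
    """64-byte x||y field per RFC 6605; placeholder bytes, not a real curve point."""
    return bytes([0x04]) + bytes(62) + bytes([0x09])


def presentation(flags, algorithm, public_key):
    return f"{flags} 3 {algorithm} {base64.b64encode(public_key).decode()}"


# Constructed snapshots of a hypothetical TLD's DNSKEY RRset: a 1024-bit RSA ZSK and
# 2048-bit RSA KSK unchanged since 2017, plus an ECDSA P-256 ZSK (algorithm 13) added later.
OLD_ZSK_1024 = presentation(256, 8, constructed_rsa_public_key(1024))
OLD_KSK_2048 = presentation(257, 8, constructed_rsa_public_key(2048))
NEW_ZSK_P256 = presentation(256, 13, constructed_p256_public_key())
SNAPSHOT_2017_10_19 = [OLD_ZSK_1024, OLD_KSK_2048]
SNAPSHOT_2019_01_20 = [OLD_ZSK_1024, OLD_KSK_2048, NEW_ZSK_P256]

if __name__ == "__main__":
    for status, keys in rollover_report(SNAPSHOT_2017_10_19, SNAPSHOT_2019_01_20).items():
        for k in keys:
            print(f"{status:8s} {describe(k)}")
    for k in aged_weak_zsks(SNAPSHOT_2017_10_19, SNAPSHOT_2019_01_20):
        print("needs rolling: " + describe(k))
```

Identity is taken from the full RDATA rather than from the key tag alone, since tags are only 16 bits and collide; the tag is still computed because it is what DS records and RRSIGs name. Feeding the parser real data means pasting the RDATA of each record from a DNSKEY query for the TLD, one snapshot per capture date.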
