[dns-operations] Aging TLD RSA DNSKEYs...
A. Schulze
sca at andreasschulze.de
Mon Jan 21 06:48:57 UTC 2019
Viktor Dukhovni:
> A fair question. The pros are:
>
> * The DNSSEC haters would not have the opportunity to sneer
> all those long-lived 1024-bit keys. The WebPKI has stopped
> using RSA-1024, and NIST's key size guidelines had RSA-1024
> only good through 2010 or so (IIRC).
>
> * Even when keys are not brute forced, there is some risk of
> keys getting disclosed by various means, sometimes unbeknownst
> to the legitimate key holder. So rotating keys periodically
> is a sound practice.
>
> * We don't know whether any of the TLAs can break 1024-bit RSA,
> but the risk is taken seriously by at least some mainstream
> cryptographers, so it seems prudent to move to stronger keys.
>
> * Finally, if you never roll your keys routinely, you probably
> don't know how to do it in an emergency. Best to keep the
> gears well oiled.
I also fully agree.
Key rotation is important not only for DNSSEC. Think about DKIM keys.
And as Let's Encrypt requires certificate renewal 4 times a year,
many WebPKI keys are rotated, too.
I don't see a reason to not rotate any keys.
Andreas
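The thread argues for retiring long-lived 1024-bit RSA DNSKEYs but does not show how an operator would find them. The following is an added example, not code from the list post or from any of its participants: it parses DNSKEY records in presentation format, decodes the RFC 3110 RSA public key field (exponent length, exponent, modulus) to recover the modulus size, and flags RSA keys below a chosen threshold. The sample records are constructed in the block with synthetic modulus values of the right size; they are not real keys and the owner name is a placeholder.

```python
import base64
import struct

# DNSSEC algorithm numbers that carry an RFC 3110 RSA public key.
RSA_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}
MIN_RSA_BITS = 2048  # audit threshold; assumption, not a value from the post


def rsa_modulus_bits(public_key: bytes) -> int:
    """Return the modulus size in bits of an RFC 3110 RSA DNSKEY public key.

    Layout: 1-byte exponent length (or 0 followed by a 2-byte length),
    then the exponent, then the modulus (all big-endian, no padding).
    """
    if not public_key:
        raise ValueError("empty public key field")
    exp_len = public_key[0]
    offset = 1
    if exp_len == 0:
        if len(public_key) < 3:
            raise ValueError("truncated exponent length")
        exp_len = struct.unpack("!H", public_key[1:3])[0]
        offset = 3
    modulus = public_key[offset + exp_len:]
    if not modulus:
        raise ValueError("missing modulus")
    return int.from_bytes(modulus, "big").bit_length()


def parse_dnskey(rr: str) -> dict:
    """Parse 'owner [ttl] [class] DNSKEY flags protocol algorithm base64...'."""
    fields = rr.split()
    idx = fields.index("DNSKEY")
    flags, protocol, algorithm = (int(x) for x in fields[idx + 1:idx + 4])
    key = base64.b64decode("".join(fields[idx + 4:]))
    return {"owner": fields[0], "flags": flags, "protocol": protocol,
            "algorithm": algorithm, "key": key}


def audit_dnskey(rr: str, min_bits: int = MIN_RSA_BITS) -> dict:
    """Classify one DNSKEY record; 'weak' is set for RSA keys under min_bits."""
    rec = parse_dnskey(rr)
    # RFC 4034: bit 15 (least significant) of the flags field is the SEP bit.
    role = "KSK" if rec["flags"] & 1 else "ZSK"
    result = {"owner": rec["owner"], "role": role,
              "algorithm": rec["algorithm"], "bits": None, "weak": False}
    if rec["algorithm"] in RSA_ALGORITHMS:
        bits = rsa_modulus_bits(rec["key"])
        result["bits"] = bits
        result["weak"] = bits < min_bits
    return result


def make_rsa_public_key(modulus_bits: int, exponent: int = 65537) -> bytes:
    """Build a constructed RFC 3110 key field of the requested modulus size.

    The modulus is a synthetic value with the top bit set; this is NOT a
    usable RSA key, only a correctly sized encoding for testing the parser.
    """
    exp_bytes = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    if len(exp_bytes) < 256:
        header = bytes([len(exp_bytes)])
    else:
        header = b"\x00" + struct.pack("!H", len(exp_bytes))
    modulus = (1 << (modulus_bits - 1)) | 1
    return header + exp_bytes + modulus.to_bytes(modulus_bits // 8, "big")


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode()


# Constructed sample records (placeholder owner, synthetic keys).
SAMPLE_RECORDS = [
    "example.test. 3600 IN DNSKEY 257 3 8 " + _b64(make_rsa_public_key(2048)),
    "example.test. 3600 IN DNSKEY 256 3 8 " + _b64(make_rsa_public_key(1024)),
    # Algorithm 13 (ECDSAP256SHA256) is not RSA; the key field is 64 opaque bytes.
    "example.test. 3600 IN DNSKEY 256 3 13 " + _b64(b"\x00" * 64),
]


def audit_all(records=SAMPLE_RECORDS):
    return [audit_dnskey(rr) for rr in records]


if __name__ == "__main__":
    for r in audit_all():
        status = "WEAK" if r["weak"] else "ok"
        print(f"{r['owner']} {r['role']} alg={r['algorithm']} bits={r['bits']} {status}")
```

To audit a live zone, feed the output of a DNSKEY query (one record per line) into `audit_dnskey`; the decoder only needs the RDATA fields, so the TTL and class columns are optional. Extending the check with a key's first-seen date from your own monitoring covers the thread's other concern, keys that are strong enough but never rotated.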