[dns-operations] Aging TLD RSA DNSKEYs...

Georg Kahest georg.kahest at internet.ee
Mon Jan 21 10:11:31 UTC 2019


Thank you for your observations Viktor.
.ee is in the process of rolling the ancient zsk and new key is already
signing the records and old zsk will be removed from the zone in coming


On Mon, 21 Jan 2019 at 00:13, Viktor Dukhovni <ietf-dane at dukhovni.org>

> Some TLDs have RSA ZSKs and KSKs that have gone unchanged since I
> first started capturing (hoarding) DNSKEY data on 2017-10-19.
> The total number of not yet seen to have rolled ZSKs is 798.
> The total number of not yet seen to have rolled KSKs is 1178.
> The attached tables, one for ZSKs and a second for KSKs, show for
> each TLD, the first observed date of the oldest extant key of each
> RSA bit length.  Sorted oldest to newest, then by RSA bit size, and
> finally by TLD name.
> It would be great if the operators of TLDs with 1024-bit ZSKs that
> are unchanged since 2017-10-19 or earlier would consider rolling
> over to new keys, and perhaps also switch to 1280-bit RSA keys, or
> ECDSA P-256 (algorithm 13).  The TLDs in question are:
>     aaa able accountant americanexpress amex analytics athleta
>     audible author aws ax az baby banamex bananarepublic baseball
>     best bg bible bid book booking bot buzz bw by ca call capetown
>     cartier cbn ceo chase chintai circle cisco citadel citi coupon
>     cricket date deal dealer dell deloitte discover download duns
>     dupont durban earth ee faith farmers fast ferrero fi fire flickr
>     fo ford fox free frl ftr gap gent got gr grainger gucci health
>     homegoods homesense honeywell hot hotels hr hsbc hyatt ieee
>     imdb intel intuit jmp jnj joburg jot joy jpmorgan kinder kindle
>     kiwi kpmg kpn kred like lilly lincoln lk loan marshalls mint
>     mlb mm moe moi mtr mutual na nfl now nyc office oldnavy open
>     osaka party pay pharmacy piaget pin ping praxi prime qpon qvc
>     racing read review rocher room safe safety samsung sas save
>     science secure sfr silk skype smile song spot statefarm stream
>     swiftcover sx taipei talk tdk tel teva tjmaxx tjx tkmaxx trade
>     tube tunes tushu uk uno vivo vu vuelos wanggou watches weather
>     weatherchannel webcam whoswho wien win winners wow ws xn--1ck2e1b
>     xn--1qqw23a xn--55qx5d xn--bck1b9a5dre4c xn--cck2b3b xn--cg4bki
>     xn--eckvdtc9d xn--fct429k xn--g2xx48c xn--gckr3f0f xn--gk3at1e
>     xn--io0a7i xn--jvr189m xn--kpu716f xn--l1acc xn--pbt977c
>     xn--rovu88b xn--wgbh1c yahoo yamaxun yandex you za zappos zero
>     zippo
> One might also consider now and then rotating even 1280-bit or
> better RSA keys. :-)
> Of special interest are perhaps the 19 ccTLDs with aged extant
> 1024-bit keys:
>     ax az bg bw by ca ee fi fo gr hr lk mm na sx uk vu ws za
> The KSK story looks much better.  The sole 1024-bit key was rotated
> just this month.  Of the KSKs not yet observed to have been rotated,
> only 5 are 1280-bit keys, the rest are 2048-bits or even in 12 cases
> 4096-bits (perhaps too big to be operationally sound).
> It is less clear that keeping 2048-bit keys around for more than a
> year is problematic, 2048-bit Web PKI certificates are not infrequently
> issued for 2 or 3 years, and the root CAs last a decade or two.  So
> KSK rotation for 2048-bit keys is perhaps more a matter of maintaining
> operational discipline (having working procedures that are exercised
> regularly) than a security imperative.
> --
>         Viktor.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
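As an added illustration, not code from the thread or its authors, the following Python audit applies the criteria Viktor describes to a DNSKEY RRset: it parses presentation-format DNSKEY records, reads the RSA modulus size out of the RFC 3110 key field (algorithm 13, ECDSA P-256, carries no RSA modulus), distinguishes KSK from ZSK by the SEP flag, and flags RSA keys below 1280 bits or unchanged for more than a year. Owner names, TTLs and key bytes below are constructed test data, not real zone keys.

```python
import base64
from datetime import date

# DNSSEC algorithms whose public key field is an RFC 3110 RSA key.
# Others (e.g. 13 = ECDSA P-256) use a different key encoding.
RSA_ALGS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}

def rsa_modulus_bits(key: bytes) -> int:
    """RFC 3110 layout: exponent length (1 byte, or 0 + 2 bytes), exponent, modulus."""
    if key[0] != 0:
        exp_len, off = key[0], 1
    else:
        exp_len, off = int.from_bytes(key[1:3], "big"), 3
    return int.from_bytes(key[off + exp_len:], "big").bit_length()

def parse_dnskey(rr: str) -> dict:
    """Parse 'owner TTL IN DNSKEY flags proto alg base64...' into role/alg/size."""
    f = rr.split()
    i = f.index("DNSKEY")
    flags, alg = int(f[i + 1]), int(f[i + 3])
    key = base64.b64decode("".join(f[i + 4:]))
    role = "KSK" if flags & 1 else "ZSK"          # SEP bit: 257 = KSK, 256 = ZSK
    bits = rsa_modulus_bits(key) if alg in RSA_ALGS else None
    return {"owner": f[0], "role": role, "alg": alg, "bits": bits}

def needs_roll(info: dict, days_unchanged: int) -> list:
    """Reasons to roll the key, following the thread's two criteria."""
    reasons = []
    if info["bits"] is not None and info["bits"] < 1280:
        reasons.append(f"RSA modulus {info['bits']} bits < 1280")
    if days_unchanged > 365:
        reasons.append("unchanged for more than a year")
    return reasons

def make_rsa_dnskey(owner: str, flags: int, alg: int, bits: int) -> str:
    """Constructed test record: deterministic modulus of exact bit length, NOT a real key."""
    modulus = (1 << (bits - 1)) | 1
    key = bytes([3]) + (65537).to_bytes(3, "big") + modulus.to_bytes(bits // 8, "big")
    return f"{owner} 3600 IN DNSKEY {flags} 3 {alg} {base64.b64encode(key).decode()}"

if __name__ == "__main__":
    today = date(2019, 1, 21)
    rrset = [  # constructed: an old 1024-bit ZSK and a freshly rotated 2048-bit KSK
        (make_rsa_dnskey("example.", 256, 8, 1024), date(2017, 10, 19)),
        (make_rsa_dnskey("example.", 257, 8, 2048), date(2019, 1, 10)),
    ]
    for rr, first_seen in rrset:
        info = parse_dnskey(rr)
        print(info["role"], info["alg"], info["bits"], needs_roll(info, (today - first_seen).days))
```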
