[dns-operations] Aging TLD RSA DNSKEYs...
Paul Hoffman
phoffman at proper.com
Mon Jan 21 15:58:08 UTC 2019
On 20 Jan 2019, at 22:48, A. Schulze wrote:
> I also fully agree.
> Key rotation is important not only for DNSSEC. Think about DKIM keys.
> And as Let's Encrypt require certificate renew 4 times a year,
> many WebPKI keys are rotated, too.
>
> I don't see a reason to not rotate any keys.
I agree that key rotation in general is a good practice for the reasons
Viktor gave. My question was why he would focus that principle only on
1024-bit keys. If he had instead said "here are X keys that have not
been rotated in over two years", I would agree that encouraging people
to practice regular key rotation is good. At the same time, if the key
being rotated from is considered weak for no good reason (like 1024-bit
RSA keys), improving the key during a rotation is a good practice.
On 21 Jan 2019, at 1:11, Florian Weimer wrote:
> The DNS community assumes that each RSA signature weakens the public
> key slightly,
I sincerely hope you are incorrect about the DNS community here because
such an assumption is wrong until you get the number of signatures close
to the bit-strength of the key, and even TLS doesn't have that property in
the real world. That is, it is absurd to think that any 1024-bit RSA
KSK, ZSK, or even TLS key is used 2^70 times in its lifetime where every
signature is seen by the attacker, and it would need to be used billions
of times more than that for any weakening of the protection.
--Paul Hoffman
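As an added, defender-side illustration (not part of this thread and not anyone's tooling mentioned in it): a small Python audit that reads DNSKEY records in zone-file presentation format, decodes the RFC 3110 RSA public key to measure the modulus, computes the RFC 4034 key tag so a finding can be tied to the DS/RRSIG that reference it, and flags keys under 2048 bits, on SHA-1 RSA algorithms, or in service for more than two years. The sample records, their "first seen" dates and both thresholds are constructed for the example; the moduli are placeholder integers of the right bit length, not real RSA keys.

```python
import base64
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple

# DNSSEC algorithm numbers whose public key field is an RFC 3110 RSA key.
RSA_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}
MIN_RSA_BITS = 2048         # policy floor assumed for this example; 1024-bit RSA is the weak case in the thread
MAX_KEY_AGE_DAYS = 2 * 365  # "not rotated in over two years", the yardstick used in the message

@dataclass
class DnskeyReport:
    owner: str
    flags: int
    algorithm: int
    key_tag: int
    modulus_bits: Optional[int]  # None for non-RSA algorithms
    age_days: int
    findings: List[str]

def encode_rfc3110(exponent: int, modulus: int) -> bytes:
    """RFC 3110 wire form: exponent length (1 byte, or 0x00 + 2 bytes), exponent, modulus."""
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    n = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    header = bytes([len(e)]) if len(e) < 256 else b"\x00" + len(e).to_bytes(2, "big")
    return header + e + n

def decode_rfc3110(blob: bytes) -> Tuple[int, int]:
    """Inverse of encode_rfc3110; rejects truncated blobs instead of returning a bogus modulus."""
    if not blob:
        raise ValueError("empty RSA public key")
    if blob[0] != 0:
        exp_len, offset = blob[0], 1
    elif len(blob) >= 3:
        exp_len, offset = int.from_bytes(blob[1:3], "big"), 3
    else:
        raise ValueError("truncated exponent length field")
    e, n = blob[offset:offset + exp_len], blob[offset + exp_len:]
    if len(e) != exp_len or not n:
        raise ValueError("truncated RSA public key")
    return int.from_bytes(e, "big"), int.from_bytes(n, "big")

def key_tag(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> int:
    """RFC 4034 Appendix B key tag over the DNSKEY RDATA (the tag DS and RRSIG records carry)."""
    rdata = flags.to_bytes(2, "big") + bytes([protocol, algorithm]) + pubkey
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF

def parse_dnskey_line(line: str) -> Tuple[str, int, int, int, bytes]:
    """Parse '<owner> [ttl] [IN] DNSKEY <flags> <protocol> <algorithm> <base64 ...>'."""
    fields = line.split()
    i = fields.index("DNSKEY")
    flags, protocol, algorithm = (int(x) for x in fields[i + 1:i + 4])
    pubkey = base64.b64decode("".join(fields[i + 4:]))  # base64 may be split across whitespace
    return fields[0], flags, protocol, algorithm, pubkey

def audit_dnskey(line: str, first_seen: date, today: date) -> DnskeyReport:
    owner, flags, protocol, algorithm, pubkey = parse_dnskey_line(line)
    findings: List[str] = []
    bits = None
    if algorithm in RSA_ALGORITHMS:
        _, modulus = decode_rfc3110(pubkey)
        bits = modulus.bit_length()
        if bits < MIN_RSA_BITS:
            findings.append(f"{bits}-bit RSA modulus is below the {MIN_RSA_BITS}-bit floor; strengthen at next rollover")
        if algorithm in (5, 7):
            findings.append(f"{RSA_ALGORITHMS[algorithm]} uses SHA-1; move to algorithm 8 or newer at next rollover")
    age = (today - first_seen).days
    if age > MAX_KEY_AGE_DAYS:
        findings.append(f"in service {age} days, not rotated in over two years")
    return DnskeyReport(owner, flags, algorithm, key_tag(flags, protocol, algorithm, pubkey), bits, age, findings)

def make_dnskey_line(owner: str, flags: int, algorithm: int, modulus_bits: int) -> str:
    """Build a constructed record; the modulus is a placeholder integer of the right size, not a real RSA key."""
    modulus = (1 << (modulus_bits - 1)) | 1
    b64 = base64.b64encode(encode_rfc3110(65537, modulus)).decode()
    return f"{owner} 3600 IN DNSKEY {flags} 3 {algorithm} {b64}"

# Constructed inventory: (record, date the key was first observed in the zone).
SAMPLE_KEYS = [
    (make_dnskey_line("example.", 257, 8, 1024), date(2016, 6, 1)),   # old 1024-bit KSK
    (make_dnskey_line("example.", 256, 5, 1024), date(2018, 12, 1)),  # fresh but weak ZSK on RSASHA1
    (make_dnskey_line("example.", 257, 8, 2048), date(2018, 10, 1)),  # healthy
]
AUDIT_DATE = date(2019, 1, 21)

def run_audit(keys=SAMPLE_KEYS, today: date = AUDIT_DATE) -> List[DnskeyReport]:
    return [audit_dnskey(line, first_seen, today) for line, first_seen in keys]

if __name__ == "__main__":
    for r in run_audit():
        status = "OK" if not r.findings else "; ".join(r.findings)
        print(f"{r.owner} tag={r.key_tag} alg={r.algorithm} bits={r.modulus_bits} age={r.age_days}d: {status}")
```

Feeding it the output of `dig DNSKEY <zone>` plus a first-seen date per key tag (from your own monitoring history) gives the two lists the discussion is about: keys that are small, and keys that are simply old. The modulus check looks at the decoded key itself rather than trusting a label, so a record that claims algorithm 8 but carries a 1024-bit modulus is still flagged.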