[dns-operations] Aging TLD RSA DNSKEYs...

Paul Hoffman phoffman at proper.com
Mon Jan 21 15:58:08 UTC 2019

On 20 Jan 2019, at 22:48, A. Schulze wrote:

> I also fully agree.
> Key rotation is important not only for DNSSEC. Think about DKIM keys.
> And as Let's Encrypt require certificate renew 4 times a year,
> many WebPKI keys are rotated, too.
> I don't see a reason to not rotate any keys.

I agree that key rotation in general is a good practice for the reasons 
Viktor gave. My question was why would he focus that principle only on 
1024-bit keys. If he had instead said "here are X keys that have not 
been rotated in over two years", I would agree that encouraging people 
to practice regular key rotation is good. At the same time, if the key 
being rotated from is considered weak for no good reason (like 1024-bit 
RSA keys), improving the key during a rotation is a good practice.

On 21 Jan 2019, at 1:11, Florian Weimer wrote:

> The DNS community assumes that each RSA signature weakens the public 
> key slightly,

I sincerely hope you are incorrect about the DNS community here because 
such an assumption is wrong until you get the number of signatures close 
to bit-strength of the key, and even TLS doesn't have that property in 
the real world. That is, it is absurd to think that any 1024-bit RSA 
KSK, ZSK, or even TLS key is used 2^70 times in its lifetime where every 
signature is seen by the attacker, and it would need to be used billions 
of times more than that for any weakening of the protection.

--Paul Hoffman
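The thread is about spotting TLD DNSKEYs that are still 1024-bit RSA, so the natural defender-side tool is something that reads DNSKEY RDATA and reports the RSA modulus length. The script below is an added example, not code from the list or from any of the posters; it parses the RFC 3110 public-key encoding (exponent length, exponent, modulus) used by algorithms 5, 7, 8 and 10 with only the standard library, and flags RSA keys shorter than a chosen minimum. The DNSKEY records it runs on are constructed inline (the moduli are just odd numbers of the right size, not real RSA moduli), and `minimum_bits` is a threshold chosen here, not something the thread specifies.

```python
import base64

# DNSSEC algorithm numbers (IANA registry) whose public key uses the RFC 3110 RSA encoding
RSA_ALGORITHMS = {5: "RSASHA1", 7: "RSASHA1-NSEC3-SHA1", 8: "RSASHA256", 10: "RSASHA512"}


def encode_rsa_public_key(exponent: int, modulus: int) -> bytes:
    """Serialise (e, n) into RFC 3110 wire format: exp length, exponent, modulus."""
    exp_bytes = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    if len(exp_bytes) < 256:
        length = bytes([len(exp_bytes)])            # one-byte length
    else:
        length = b"\x00" + len(exp_bytes).to_bytes(2, "big")  # zero, then two-byte length
    mod_bytes = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
    return length + exp_bytes + mod_bytes


def decode_rsa_public_key(blob: bytes) -> tuple:
    """Parse RFC 3110 wire format back into (exponent, modulus), rejecting truncated input."""
    if not blob:
        raise ValueError("empty public key")
    if blob[0] != 0:
        exp_len, offset = blob[0], 1
    else:
        if len(blob) < 3:
            raise ValueError("truncated exponent length")
        exp_len, offset = int.from_bytes(blob[1:3], "big"), 3
    exp_bytes = blob[offset:offset + exp_len]
    mod_bytes = blob[offset + exp_len:]
    if len(exp_bytes) != exp_len or not mod_bytes:
        raise ValueError("truncated public key")
    return int.from_bytes(exp_bytes, "big"), int.from_bytes(mod_bytes, "big")


def parse_dnskey_rdata(rdata: str) -> dict:
    """Parse presentation-format DNSKEY RDATA: '<flags> <protocol> <algorithm> <base64 key>'."""
    fields = rdata.split()
    if len(fields) < 4:
        raise ValueError("DNSKEY RDATA needs flags, protocol, algorithm and key")
    flags, protocol, algorithm = int(fields[0]), int(fields[1]), int(fields[2])
    key = base64.b64decode("".join(fields[3:]))   # zone files may split the base64 across fields
    info = {
        "flags": flags,
        "protocol": protocol,
        "algorithm": algorithm,
        "role": "KSK" if flags & 1 else "ZSK",   # SEP bit marks a key signing key
        "rsa_bits": None,                         # stays None for non-RSA algorithms
    }
    if algorithm in RSA_ALGORITHMS:
        _, modulus = decode_rsa_public_key(key)
        info["rsa_bits"] = modulus.bit_length()
    return info


def weak_rsa_keys(records: list, minimum_bits: int = 2048) -> list:
    """Return the parsed records whose RSA modulus is shorter than minimum_bits."""
    weak = []
    for rdata in records:
        info = parse_dnskey_rdata(rdata)
        if info["rsa_bits"] is not None and info["rsa_bits"] < minimum_bits:
            weak.append(info)
    return weak


def _constructed_rdata(flags: int, algorithm: int, modulus_bits: int) -> str:
    """Build a DNSKEY record with a constructed modulus of the requested size (not a real key)."""
    modulus = (1 << (modulus_bits - 1)) | 1
    key = base64.b64encode(encode_rsa_public_key(65537, modulus)).decode()
    return f"{flags} 3 {algorithm} {key}"


# Constructed sample DNSKEY set: two 1024-bit RSA keys, one 2048-bit RSA key, one ECDSA key.
SAMPLE_DNSKEYS = [
    _constructed_rdata(257, 8, 1024),
    _constructed_rdata(256, 8, 1024),
    _constructed_rdata(257, 8, 2048),
    "257 3 13 " + base64.b64encode(b"\x01" * 64).decode(),  # algorithm 13 (ECDSA P-256): not RSA
]

if __name__ == "__main__":
    for info in weak_rsa_keys(SAMPLE_DNSKEYS):
        print(f"{info['role']} alg {info['algorithm']}: RSA-{info['rsa_bits']} is below 2048 bits")
```

Feeding it real records is a matter of replacing `SAMPLE_DNSKEYS` with the output of a DNSKEY query for the zones of interest; the parser deliberately refuses truncated key blobs rather than silently reporting a short modulus.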
