[dns-operations] Obsoleting 1024-bit RSA ZSKs (move to 1280 or algorithm 13)
Matt Nordhoff
mnordhoff at gmail.com
Fri Oct 22 16:10:54 UTC 2021
This email is technically a reply to Viktor, but it's not really a
reply to anyone in particular.

There are challenges to upgrading to larger keys, or rolling
algorithms, but how insurmountable are they?

There are at least 139 TLDs using 2048-bit or larger DNSSEC keys
*right now* -- and that's excluding about two dozen that are in the
middle of migrating to a different registry and downgrading to
1280-bit ZSKs.

In mid-2020, one registry was doing some kind of migration and left a
few hundred TLDs entirely double-signed with 1280-bit RSA for a couple
of months. They were paying double their usual cryptography cost, and
the TCP cost (which was, granted, lower pre-Flag Day), and the
fragmentation cost.

Whatever expenses, deployment and planning difficulties there are, all
of these registries were able to handle them.

Many commercial DNS operators are multi-hundred-million or even
multi-billion dollar companies. Some of them could probably afford to
buy literally every HSM in the world. A few wouldn't even put a dent
in their quarterly numbers.

And if they want to get out of the industry, their customers can still
go elsewhere (despite the last decade of consolidation).
--
Matt Nordhoff
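An added example, not part of this post or of the dns-operations list: it estimates the wire size of a DNSKEY response for the key layouts the post discusses, including the double-signed 1280-bit RSA case and an RSA to algorithm 13 rollover, and checks each against the 1232-byte Flag Day EDNS buffer. The hypothetical TLD owner name, the key layouts and the one-RRSIG-per-signer assumption are constructed for illustration.

```python
"""Estimated DNSKEY-response sizes for the key layouts discussed above (RFC 1035
framing, RFC 3110 RSA encoding with e=65537, RFC 6605 ECDSA P-256). Assumes a
one-label TLD owner with the usual compression pointer, one empty OPT RR, and one
RRSIG over the DNSKEY RRset per listed signer."""
RR_FIXED = 2 + 2 + 2 + 4 + 2               # owner pointer, TYPE, CLASS, TTL, RDLENGTH
DNSKEY_FIXED = 2 + 1 + 1                   # flags, protocol, algorithm
RRSIG_FIXED = 2 + 1 + 1 + 4 + 4 + 4 + 2    # covered, alg, labels, TTL, exp, inc, key tag
OPT_RR = 11                                # empty EDNS(0) OPT record
FLAG_DAY_BUFSIZE = 1232                    # DNS Flag Day 2020 default EDNS buffer size

def wire_name_len(name: str) -> int:
    """Uncompressed wire length of a domain name: 'tld.' -> 5, '.' -> 1."""
    labels = [l for l in name.strip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1

def key_and_sig_len(alg: str, bits: int = 0) -> tuple:
    """(DNSKEY public-key field, RRSIG signature field) lengths in bytes."""
    if alg == "rsa":                       # exponent-length byte, 3-byte e, modulus; sig = modulus
        return 1 + 3 + bits // 8, bits // 8
    if alg == "ecdsap256":                 # algorithm 13: Q without 0x04 prefix; r || s
        return 64, 64
    raise ValueError(alg)

def dnskey_response_size(owner: str, keys, signers) -> int:
    """Bytes in a DNSKEY response: header, question, DNSKEY RRs, RRSIGs, OPT."""
    n = wire_name_len(owner)
    size = 12 + n + 4                      # message header + question section
    size += sum(RR_FIXED + DNSKEY_FIXED + key_and_sig_len(a, b)[0] for a, b in keys)
    size += sum(RR_FIXED + RRSIG_FIXED + n + key_and_sig_len(a, b)[1] for a, b in signers)
    return size + OPT_RR

def needs_tcp(size: int, bufsize: int = FLAG_DAY_BUFSIZE) -> bool:
    """True if the response exceeds the EDNS buffer: server sets TC=1, client retries over TCP."""
    return size > bufsize

# Constructed layouts for a hypothetical TLD; not any real zone's key set.
RSA = [("rsa", 2048), ("rsa", 1280)]       # KSK, ZSK
P256 = [("ecdsap256", 0), ("ecdsap256", 0)]
LAYOUTS = {
    "RSA 2048 KSK + 1280 ZSK":               (RSA, RSA[:1]),
    "same, double-signed during migration":  (RSA * 2, RSA[:1] * 2),
    "RSA -> alg 13 rollover, both present":  (RSA + P256, RSA[:1] + P256[:1]),
    "alg 13 KSK + ZSK":                      (P256, P256[:1]),
}

if __name__ == "__main__":
    for label, (keys, signers) in LAYOUTS.items():
        s = dnskey_response_size("tld.", keys, signers)
        print(f"{label:40s} {s:5d} bytes  TCP fallback: {needs_tcp(s)}")
```

Only the fully double-signed RSA layout crosses 1232 bytes here; the conservative RSA to algorithm 13 rollover stays under it, which is the size argument for algorithm 13 in the subject line.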