Waiting twice the TTL is the safe option. Start counting from when you
see the new DS record in the parent. To be even more pedantic, start
counting after all authoritative Nameservers have the new DS record...
Quite easy to do from a script.
And the recommendation to move to ecdsa-p256-sha256 is a good one -
makes you a lot less appetising to be used in a DNS amplification attack.
On 4/30/21 3:05 AM, Edwardo Garcia wrote:
Halo Tony,
Thank you, wow ecdsa-p256-sha256 produce keys 1/10th the size of rsa,
strange how this better but we have made change as
from your howto, thank you, now 24 hour and all seems ok from what we
tell, and the test site says all good.
One question however it talk about longest TTL, does this mean also
root TLD zones (.com, .net) which from memory are 48 hours, so before
we delete old keys we need wait 48 hours, even though our zone TTL was
24 ?
Thank you, wow much much easy than I hoped for :-)
On Wed, Apr 28, 2021 at 12:08 PM Tony Finch <d...@dotat.at
<mailto:d...@dotat.at>> wrote:
Edwardo Garcia <wdgar...@gmail.com <mailto:wdgar...@gmail.com>> wrote:
>
> Many year ago we set up DNSSEC, our key were generated with sha1
as was
> recommended way back all them years. We too are not DNSSEC guru,
so some
> answer may be simple
Well, you are going to do an algorithm rollover, which is one of
the more
tricky things you can do with DNSSEC. So, plan to do some testing,
a trial
run, with a spare zone that you can break without worrying.
If you like to understand things by getting an idea of the wider
context
then there are a couple of RFCs on the general subject of key
rollovers.
The parts that are most relevant are the algorithm rollover
section in RFC
6781 and the double-KSK section in RFC 7583.
https://tools.ietf.org/html/rfc6781
<https://tools.ietf.org/html/rfc6781>
https://tools.ietf.org/html/rfc7583
<https://tools.ietf.org/html/rfc7583>
DNSSEC has got easier since those RFCs were written, so you might
as well
just skip to the howto bits below :-) It turns out, I wrote most
of this
reply over a year ago...
> Also we use ZSK -b 1024 and KSK -b 4096
> even modern google from apnic show example ZSK of only 1024? is
this still
> secure?
The current recommendation for DNSSEC algorithms is:
* you already know you want to choose something based on sha256
- it's
secure enough, so there's no need for bigger hashes
* ecdsa-p256-sha256 (13) is the best choice, because it is widely
supported and produces small signatures
* if you must use RSA, use 2048 bit keys for both zsk and ksk.
1024 bits
is not secure; 2048 has a roughly comparable security level to
sha256
(112ish bits vs 128 bits); 4096 is big and slow and probably
not worth
the cost
* I would like to be able to deploy ed25519 (a better elliptic curve
than p256) but it is not yet supported well enough
> Is best practise for doing this, replacing the keys completely,
more or
> less like start fresh again?
>
> We do use inline signing and automatic maintain.
I did a wholesale algorithm rollover from RSASHA1 to p256 around
the end
of 2019 and I wrote an algorithm rollover guide for colleagues in
other
parts of our university who run their own DNS. It's basically
three steps
with lots of waiting in between:
https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html
<https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html>
The "Semi-automated DS updates" section probably isn't relevant to
you,
and the "Future" section has been made obsolete by dnssec-policy.
But the
rest of it should guide you through the essentials.
(Also, the RIPE NCC does now support CDS records.)
And use these DNS checking services to verify that it is working as
expected:
https://dnsviz.net/ <https://dnsviz.net/>
https://zonemaster.net/ <https://zonemaster.net/>
Tony.
--
f.anthony.n.finch <d...@dotat.at <mailto:d...@dotat.at>>
https://dotat.at/ <https://dotat.at/>
Rattray Head to Berwick upon Tweed: North or northeast 4 or 5,
occasionally 3 later. Slight or moderate. Showers. Good.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Mark James ELKINS - Posix Systems - (South) Africa
m...@posix.co.za Tel: +27.826010496 <tel:+27826010496>
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
<https://ftth.posix.co.za>
Posix SystemsVCARD for MJ Elkins
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
