On 17/06/2010 5:34 PM, Eric Rescorla wrote:
On Thu, Jun 17, 2010 at 2:15 PM, Olafur Gudmundsson<o...@ogud.com> wrote:
Background #3: Key strengths and life time
RSA and DSA algorithms have the interesting property that the number of bits
in the key can be selected, by adding bits to the key the key gets stronger.
Stronger keys can be used longer.
I know I'm repeating myself, but this is simply not correct for any plausible
lifetimes or key sizes I've provided my analysis several times:
http://www.educatedguesswork.org/2009/10/on_the_security_of_zsk_rollove.html
If you have some analysis that supports this argument please post it.
-Ekr
Ekr,
I agree with you but there are still people out there that believe
that key size is a tradoff in time.
Remember I'm arguing against the KSK+ZSK split in most cases, a
different thread will be started on key size recommendation.
This should be another recommendation for changes in rfc4641-bis
Olafur
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
