On Thu, Mar 27, 2014 at 11:05 AM, Nicholas Weaver <nwea...@icsi.berkeley.edu > wrote:
> > Frankly speaking, since the root uses NSEC rather than NSEC3, IMO it > should be 4096b for both the KSK and ZSK. But I'd be happy with 2048b. > Using 1024b is a recipe to ensure that DNSSEC is not taken seriously. > > I think I know how to get this fixed. I'll just tell the New York Times that DNSSEC has to be still considered a science project until they stop relying on obsolete crypto. -- Website: http://hallambaker.com/
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
