>> On Apr 25, 2022, at 11:20 AM, Petr Menšík <pemen...@redhat.com> wrote:
>> I think the only good way would be starting considering shorter keys as
>> insecure in FIPS mode.
>
> Agreed. We've been using 2408-bit ZSKs for more than ten years
> now. It's definitely time to sunset acceptance of shorter keys
> at this point.
Well, as Bjørn Mork said, it's one thing to insist on generating own RSA keypairs with >= 2048 bits or convert to using ECDSA, it's quite another to insist that all the rest of the world do this conversion RIGHT NOW. (And Bjørn mentioned that this may be a mis-interpretation of the FIPS mandate.)

My take is that "Some level of security is better than none", and "Who are you to insist on the level of security I want to provide for my zone data?"

There's going to be quite a bit of "action" to fix this.

.in-addr.arpa zsk = 1024 bit RSA
.com zsk = 1280 bit RSA
.org zsk = 1024 bit RSA
.mil zsk = 1024 bit RSA

and I'm guessing that changing at least some of these will take a while, not perhaps first and foremost for technical reasons. I'm also guessing this is going to be a recurring theme throughout the trees fanned out below all of these.

Regards,

- Håvard
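For anyone wanting to audit their own zones against the threshold discussed in this thread, the following is an added example (not code from any participant): it reads the RSA public key out of a DNSKEY record in RFC 3110 wire format, reports the modulus size, and flags keys below a minimum (2048 bits is assumed as the policy value). The DNSKEY records it builds are synthetic, constructed only to exercise the check; the RSA algorithm numbers come from the IANA DNSSEC algorithm registry.

```python
import base64

# DNSSEC algorithm numbers that carry an RFC 3110 RSA public key:
# 5 RSASHA1, 7 RSASHA1-NSEC3-SHA1, 8 RSASHA256, 10 RSASHA512.
RSA_ALGORITHMS = {5, 7, 8, 10}


def rsa_modulus_bits(public_key: bytes) -> int:
    """Modulus size (bits) of an RSA key in RFC 3110 wire format.

    Layout: 1-byte exponent length (0x00 followed by a 2-byte length when the
    exponent exceeds 255 bytes), then the exponent, then the modulus.
    """
    if not public_key:
        raise ValueError("empty public key")
    exp_len, offset = public_key[0], 1
    if exp_len == 0:
        if len(public_key) < 3:
            raise ValueError("truncated exponent length")
        exp_len = int.from_bytes(public_key[1:3], "big")
        offset = 3
    modulus = public_key[offset + exp_len:]
    if not modulus:
        raise ValueError("missing modulus")
    return int.from_bytes(modulus, "big").bit_length()


def classify_dnskey(rdata: str, min_rsa_bits: int = 2048) -> str:
    """Classify DNSKEY presentation RDATA ("flags proto alg base64key").

    Returns "ok", "weak" (RSA modulus below min_rsa_bits) or "non-rsa".
    """
    _flags, _proto, alg, *key_parts = rdata.split()
    if int(alg) not in RSA_ALGORITHMS:
        return "non-rsa"
    bits = rsa_modulus_bits(base64.b64decode("".join(key_parts)))
    return "ok" if bits >= min_rsa_bits else "weak"


def make_rsa_dnskey(bits: int, flags: int = 256, alg: int = 8) -> str:
    """Constructed DNSKEY RDATA whose modulus is exactly `bits` bits long.

    Not a real key: the modulus is synthetic and only exercises the parser.
    """
    modulus = (1 << (bits - 1)) | 1            # top bit set -> exactly `bits`
    mod_bytes = modulus.to_bytes((bits + 7) // 8, "big")
    exponent = b"\x01\x00\x01"                 # 65537
    key = bytes([len(exponent)]) + exponent + mod_bytes
    return f"{flags} 3 {alg} {base64.b64encode(key).decode()}"
```

Feeding real records in (for example the output of `dig DNSKEY <zone>`) is a one-line change, since `classify_dnskey` takes the presentation-format RDATA as printed by dig.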