On Wed 2021-04-28 12:02:18+0200 Mark wrote: > On 4/28/21 11:51, Tony Finch wrote: > > > Yes. I recommend p256 because the security advantages of p384 are > > not significant enough to justify the increased costs in space > > (packet size) and time. > > Both 13 and 14 are already smaller than 8 (which is the most widely > deployed algorithm today).
For those interested, actual numbers for algorithm deployment can be found in the DNSSEC parameter frequency analysis section of https://stats.dnssec-tools.org/. -- Robert Story <http://www.isi.edu/~rstory> USC Information Sciences Institute <http://www.isi.edu/>
