To:
dnsop@cafax.se
From:
Miek Gieben <miekg@atoom.net>
Date:
Thu, 28 Aug 2003 12:02:55 +0200
Content-Disposition:
inline
In-Reply-To:
<025501c36b2e$c364d9e0$b9370681@barnacle>
Mail-Followup-To:
dnsop@cafax.se
Sender:
owner-dnsop@cafax.se
User-Agent:
Vim/Mutt/Linux
Subject:
Re: draft-kolkman-dnssec-operational-practices-00.txt
[On 25 Aug, @19:31, Scott wrote in "Re: draft-kolkman-dnssec-opera ..."] > An opinion on section 3.2 (Security Key Considerations): It is the wrong > place for a discourse on key strengh, but a reference would be good for > further info for someone interested. Otherwise, it might be good to give > some rough rules to follow such as "the larger the zone, the larger the key" > and "larger the zone, zone key rollovers should be more frequent". thanks, I've added this. I think it is good to make such a non technical statement about key sizes. References to documents regarding key sizes is still a good idea, but I don't want to specify exact sizes in this draft. I do however have a document at home which has a table: year <-> key length. You can just look up the year and then find a key length. This runs up until the year 2025 (or something). Maybe that should be added as an reference... grtz Miek #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.