To:
"Bill Manning" <bmanning@isi.edu>, <dnssec@cafax.se>
From:
"Scott Rose" <scottr@antd.nist.gov>
Date:
Tue, 17 Sep 2002 13:48:42 -0400
Sender:
owner-dnssec@cafax.se
Subject:
Re: key length & fragmentation
Personally, I think key lengths should be chosen for security reasons, not DNS server implementation reasons. However, since any DNSSEC aware resolver/server should also be EDNS aware, so truncation/fragmentation will be a worry when big keysets are in the picture (multiple algorithms, etc). In the tests - what were the average size of the KEY RRsets? OTOH, I don't see why having a shorter key (that may have to be rolled over more often) is less secure than a longer key. The operational lifetime of a key can be measured by how much data is has to sign and how often it resigns the zone data. There are guidelines in some hardcore security policies from NSA/DoD - I can't name the off hand. Short answer - "no" I don't think operational issues should dictate key lengths, but huge keys don't necessarily mean more secure either :) Scott ----- Original Message ----- From: "Bill Manning" <bmanning@isi.edu> > resend from last week. > > > putzing about with keys of various lengths shows that > when keys are over a certain size, UDP fragmentation sets > in, In some cases, it is possible to actually get rollover > to TCP (although this seems to be a corner case) > > now I've been told that UDP fragmentation can be a bad thing, > leading to all sorts (well some kinds anyway) of odd > operational failures that are hard to debug. UDP failure > and rolling over to TCP is also considered a bad thing. > > so this question, "should key lengths be selected to > avoid fragmentation/TCP use?" > > if so, why? > if not, why not? > > > -- > --bill