
To: Bill Manning <bmanning@isi.edu>
cc: scottr@antd.nist.gov, <dnssec@cafax.se>
From: Brian Wellington <Brian.Wellington@nominum.com>
Date: Wed, 18 Sep 2002 16:08:12 -0700 (PDT)
In-Reply-To: <200209182300.g8IN0bq15406@boreas.isi.edu>
Sender: owner-dnssec@cafax.se
Subject: Re: key length & fragmentation

On Wed, 18 Sep 2002, Bill Manning wrote:

> % On Tue, 17 Sep 2002, Bill Manning wrote:
> % 
> % > % Short answer - "no" I don't think operational issues should dictate key
> % > % lengths, but huge keys don't necessarily mean more secure either :)
> % > 
> % > 	See the point above. If IDS/firewalls toss UDP fragments,
> % > 	we lose.
> % 
> % Maybe the right answer is to tune the EDNS packet size to avoid UDP 
> % fragmentation?  4096 is bigger than most MTUs, but 1280 probably isn't, 
> % and should be enough for most common responses.
> 
> 	perhaps, but does that leave us w/ "strong enough" keys?

Key length has nothing to do with the EDNS UDP buffer size - using a 
smaller value only means that messages are truncated sooner, which means 
they can fall back to TCP and avoid UDP fragmentation.

There's still the problem that falling back to TCP is bad for performance, 
but most responses aren't that big (even with 4096 bit RSA keys, a 1280 
byte message can hold 2 signatures).

Brian
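
The size claim in the reply above (two RSA-4096 signatures still fit a 1280-byte message, a third does not) can be checked with a wire-size estimate. This is an added example, not code from the thread or from any DNS implementation; the names and key sizes are constructed, and the estimate uses uncompressed names, so it is an upper bound.

```python
# Added example (not from the thread): estimate the wire size of a signed DNS
# response and decide whether it fits the advertised EDNS UDP buffer or must be
# truncated (TC=1) so the resolver retries over TCP instead of risking UDP
# fragments. Field sizes follow the RFC 1035 / RFC 4034 wire formats; names are
# left uncompressed, so the result is an upper bound. Sample names are constructed.

DNS_HEADER = 12                            # fixed 12-byte message header
OPT_RR = 11                                # EDNS OPT pseudo-RR: root owner (1) + TYPE/CLASS/TTL/RDLEN (10), no options
RR_OVERHEAD = 2 + 2 + 4 + 2                # TYPE, CLASS, TTL, RDLENGTH
RRSIG_FIXED = 2 + 1 + 1 + 4 + 4 + 4 + 2    # type covered, alg, labels, orig TTL, expiration, inception, key tag


def name_len(name: str) -> int:
    """Uncompressed wire length of a domain name: a length byte per label plus the root byte."""
    labels = [label for label in name.rstrip(".").split(".") if label]
    return sum(1 + len(label) for label in labels) + 1


def rrsig_len(owner: str, signer: str, key_bits: int) -> int:
    """Size of one RRSIG RR; an RSA signature is as long as the modulus (key_bits / 8 bytes)."""
    return name_len(owner) + RR_OVERHEAD + RRSIG_FIXED + name_len(signer) + key_bits // 8


def a_rrset_len(owner: str, addresses: int) -> int:
    """Size of an A RRset holding the given number of IPv4 addresses (4-byte RDATA each)."""
    return addresses * (name_len(owner) + RR_OVERHEAD + 4)


def response_len(qname: str, signer: str, addresses: int, sigs: int, key_bits: int) -> int:
    """Total response size: header, question, OPT RR, the A RRset and `sigs` RRSIGs over it
    (more than one signature is normal during a key rollover)."""
    question = name_len(qname) + 2 + 2         # QNAME, QTYPE, QCLASS
    return (DNS_HEADER + question + OPT_RR
            + a_rrset_len(qname, addresses)
            + sigs * rrsig_len(qname, signer, key_bits))


def transport(size: int, edns_bufsize: int) -> str:
    """A response larger than the buffer the client advertised is truncated and retried over TCP."""
    return "udp" if size <= edns_bufsize else "tcp (TC=1, retry)"


if __name__ == "__main__":
    for sigs in (1, 2, 3):
        size = response_len("www.example.com.", "example.com.", 1, sigs, 4096)
        print(f"{sigs} x RSA-4096 RRSIG: {size:4d} bytes -> {transport(size, 1280)}")
```

With a 1280-byte buffer the two-signature response (1215 bytes) goes out over UDP, while three signatures (1785 bytes) trigger truncation and a TCP retry.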
