To: Brian.Wellington@nominum.com (Brian Wellington)
Cc: bmanning@isi.edu, scottr@antd.nist.gov, dnssec@cafax.se
From: Bill Manning <bmanning@isi.edu>
Date: Wed, 18 Sep 2002 17:28:25 -0700 (PDT)
In-Reply-To: <Pine.LNX.4.44.0209181605540.21236-100000@spratly.nominum.com> from Brian Wellington at "Sep 18, 2 04:08:12 pm"
Sender: owner-dnssec@cafax.se
Subject: Re: key length & fragmentation
% > % Maybe the right answer is to tune the EDNS packet size to avoid UDP
% > % fragmentation? 4096 is bigger than most MTUs, but 1280 probably isn't,
% > % and should be enough for most common responses.
% >
% > perhaps, but does that leave us w/ "strong enough" keys?
%
% Key length has nothing to do with the EDNS UDP buffer size - using a
% smaller value only means that messages are truncated sooner, which means
% they can fall back to TCP and avoid UDP fragmentation.
%
% There's still the problem that falling back to TCP is bad for performance,
% but most responses aren't that big (even with 4096 bit RSA keys, a 1280
% byte message can hold 2 signatures).
%
% Brian

Correct, key length has nothing to do w/ EDNS UDP buffer size.
-HOWEVER- the key length(s) needed to fit into a 512 byte message
(presume 3 keys) (( going for the LCD here so don't fuss )) may leave
us with key lengths that are too short to be worth the cycles to
generate them. Too easy to break and so we engender a false sense of
integrity. The tradeoff is "strong enough" keys vs fragmentation vs
TCP. More evaluation is needed to make the tradeoff.

--
--bill
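The size tradeoff the thread argues about can be put in numbers. The following is an added example, not code from the list or its authors: it estimates the wire size of a DNSKEY reply for a given RSA modulus (RFC 1035 record layout, RFC 3110 key encoding, one RRSIG per signing key), classifies whether it fits classic 512-byte UDP, an EDNS buffer, or forces TCP, and searches for the largest key that still fits a limit. The zone name, key counts and the 1500-byte MTU are assumptions.

```python
# Added example, not from the thread: estimate how big a DNSKEY reply gets for a
# given RSA modulus and whether it fits classic 512-byte UDP, an EDNS buffer such
# as 1280, or forces TCP. Wire sizes follow RFC 1035/3110; the zone name is made up.
import math
DNS_HEADER = 12                           # fixed message header
RR_FIXED = 2 + 2 + 4 + 2                  # TYPE, CLASS, TTL, RDLENGTH
NAME_PTR = 2                              # owner name compressed to a pointer
RRSIG_FIXED = 2 + 1 + 1 + 4 + 4 + 4 + 2   # covered .. key tag; signer name extra

def wire_name_len(name):
    """Uncompressed wire length of a domain name (labels plus root byte)."""
    labels = [l for l in name.strip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1

def rsa_dnskey_rdata_len(modulus_bits, exponent_bytes=3):
    """RFC 3110 RDATA: flags(2) proto(1) alg(1), 1-byte exponent length, exponent, modulus."""
    return 4 + 1 + exponent_bytes + modulus_bits // 8    # assumes exponent < 256 bytes

def signed_response_size(zone, rdata_lens, signer_bits):
    """Header + question + one RR per RDATA length + one RSA RRSIG per signer.
    RSA signatures are modulus-length; the RRSIG signer name is never compressed."""
    size = DNS_HEADER + wire_name_len(zone) + 4          # question section
    for rdlen in rdata_lens:
        size += NAME_PTR + RR_FIXED + rdlen
    for bits in signer_bits:
        size += NAME_PTR + RR_FIXED + RRSIG_FIXED + wire_name_len(zone) + bits // 8
    return size

def dnskey_response_size(zone, key_bits, nsigs):
    """DNSKEY RRset with the given moduli, signed by the first nsigs keys."""
    rdata = [rsa_dnskey_rdata_len(b) for b in key_bits]
    return signed_response_size(zone, rdata, key_bits[:nsigs])

def transport(size, edns_bufsize=None, mtu=1500):
    """'udp' (<= 512), 'udp-edns' (fits buffer; suffix when IPv4-fragmented), or 'tcp'."""
    if size <= 512:
        return "udp"
    if edns_bufsize and size <= edns_bufsize:
        frags = math.ceil((size + 8) / (mtu - 20))       # +8 UDP header, -20 IPv4 header
        return "udp-edns" if frags == 1 else f"udp-edns-{frags}-fragments"
    return "tcp"

def largest_key_fitting(limit, zone, nkeys, nsigs, step=64, max_bits=4096):
    """Largest RSA modulus (multiple of step) whose DNSKEY reply fits in limit."""
    best = 0
    for bits in range(step, max_bits + 1, step):
        if dnskey_response_size(zone, [bits] * nkeys, nsigs) > limit:
            break
        best = bits
    return best
```

With three keys and one signature, the largest modulus that fits 512 bytes is 768 bits, while two 4096-bit signatures alone (1127 bytes) fit a 1280-byte EDNS buffer unfragmented, which is the shape of both claims in the thread.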