Re: Q2: crypto algorithm requirements for DNSSEC

[Rob Austein <sra+namedroppers@hactrn.net>]

At Wed, 12 Feb 2003 07:31:16 +1100, Mark Andrews wrote:
> 
> 	One of the purposes of two manditory protocols was to ensure
> 	that we could always have working DNSSEC in the event that
> 	a way to compromise a algorithm was found.  You could then
> 	switch off that algorithm and still have a secure system
> 	while another algorithm was deployed to replace the compromised
> 	one.  [ Yes, named is missing the switches to turn this off
> 	algorithms at runtime.  This will be addressed. ]
> 
> 	This would remove the fallback solution and require massive
> 	quick redeployment of dnssec suites in the event of a
> 	compromise to RSA/SHA1.
> 
> 	The down side of having two manditory algorithms is that
> 	you should be signing with both all the time otherwise when
> 	one is compromised you will have whole branches being
> 	isolated.

Counter argument is that having two algorithms means that one can be
attacked via a break in either algorithm.

So, while I understand the desire to have a fallback strategy, I'm not
sure that we really have one whether DSA is mandatory or not.

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>