ICANN ICANN Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

Comments on KSK rollover plan

  • To: comments-root-ksk-06aug15@xxxxxxxxx
  • Subject: Comments on KSK rollover plan
  • From: Daisuke HIGASHI <daisuke.higashi@xxxxxxxxx>
  • Date: Sat, 12 Sep 2015 01:33:07 +0900

I would like to make the following comment to
 "Root Zone KSK Rollover Plan
  Design Team Draft Report - Updated August 4, 2015":

- Incoming KSK (and ZSK) key algorithm

  Root KSK/ZSK algorithm should be changed to one with shorter key size
such as ECDSAP256SHA256 for _now_ to keep DNSKEY reply size
less than IPv6 minimum MTU (payload size 1232 bytes)
in the future.

  The problem is root ZSK’s key size, which is currently
1024 bit RSA. It should (and will) be changed to larger key size
very soon, such as 1536bit or 2048bit, because
RSA1024 is considered to be too weak today.

  Suppose ZSK has been changed to 1536bit RSA [1] in near future
and we are performing algorithm rollover to ECDSAP256SHA256(alg=13)
at next KSK roll. During this rollover, DNSKEY query to root zone
will yield max 1342 bytes DNS message, which exceeds
IPv6 minimum MTU [2].

  In conclusion root KSK (and ZSK) should be changed to
an algorithm with shorter key length _before_ ZSK key
is changed to one larger than 1024bit RSA.

[1] 1536bit RSA is still insufficient considering security
    level required today; Most CA requires 2048-bit or
    more key length.

[2] Maximum DNS reply for DNSKEY query to root zone
    during KSK roll (RSA to ECSAP256):

      oldZSK(RSA1536) for ZSK roll pre-(or post-) publishing
      oldZSK(ECDSAP256) for ZSK roll pre-(or post-) publishing

    which size is 1342 bytes.

    Even if ZSK(ECDSA) rollover wasn’t performed
    the size is 1263 bytes, still making packet size
    larger than IPv6 minimum MTU.

- Channel Partners

  Some DNS software/appliance producers should be includeded
  into "Software Producers" or "System Integrators" list. For example:

   * F5 Networks produces validating DNS resolver
     (while also produces DNS-based GSLB).
     Many network service providers are operating
     their product.


<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy