[On 25 Aug, @19:31, Scott wrote in "Re: draft-kolkman-dnssec-opera ..."] > An opinion on section 3.2 (Security Key Considerations): It is the wrong > place for a discourse on key strengh, but a reference would be good for > further info for someone interested. Otherwise, it might be good to give > some rough rules to follow such as "the larger the zone, the larger the key" > and "larger the zone, zone key rollovers should be more frequent".
thanks, I've added this. I think it is good to make such a non technical statement about key sizes. References to documents regarding key sizes is still a good idea, but I don't want to specify exact sizes in this draft. I do however have a document at home which has a table: year <-> key length. You can just look up the year and then find a key length. This runs up until the year 2025 (or something). Maybe that should be added as an reference... grtz Miek #---------------------------------------------------------------------- # To unsubscribe, send a message to <[EMAIL PROTECTED]>.
