I apologize for cross-posting due to topical overlap.
Please confine follow-up messages to the appropriate list.


In the message to DNSOP regarding draft-ietf-dnsop-resolver-priming-02
archived at
  <http://www.IETF.ORG/mail-archive/web/dnsop/current/msg07843.html>,
Olafur Gudmundsson scratched at a topic of interest to namedroppers
as well; he wrote:

>  ...
>
> Background:
> 26 signed glue records will require about 5K answer if each RRSet is
> signed by a single 1024 bit RSA key.
> This will never fit into an ENDS0 answer as number of implementations
> have 4096 byte hard limit on answer size.


Did you read the News these days?

An international team lead by the BSI (the "German NSA") and others
has solved the RSA-768 challenge, and experts reportedly expect, due
to significant progresses, that RSA-1024 will be solved in a rather
short time, likely by the end of this year or so!

This means that we should immediately plan operationally for
widespread use of 2048-bit RSA keys in the "near" future.


> As of today all the root servers instances that my host reached
> answered a TCP query.
>
> Proposed replacement text:
>
>|2.1.  Parameters of a Priming Query
>|
>|  A priming query MUST use a QNAME of "." and a QTYPE of NS, QCLASS
>|  of IN, with RD bit set to 0, the source port of the query should
>|  be randomly selected [RFC5452].
>|
>|  A DNSSEC aware resolver SHOULD sent the priming query over TCP.
>|  If TCP is refused a different server SHOULD be tried, after 3 tries
>|  the resolver SHOULD fall back on UDP.
>|
>|  A DNSSEC ignorant but EDNS0 capable, resolver SHOULD issue the
>|  priming query over UDP, ENDS0 option MUST be included with buffer
>|  size of 1220 or larger.  If the UDP query times out TCP SHOULD be
>|  tried.
>|
>|  An EDNS0 ignorant resolver MUST issue the priming query over UDP.
>
> ...

I therefore support the proposal suggested by Olafur:

Recommend that <DNSSEC aware resolvers> SHOULD issue priming queries
immediately over TCP, and not waste time and bandwidth with an
initial query over UDP (that will be truncated with certainty).
Even UDP with EDNS0 and 4k message size limit (which most likely
will need fragmentation and have trouble with firewalls) will not
provide a workable solution for a reasonable life time (of RFCs
and deployed equipment) and should only be tried as a fallback.

Those not liking DNS over TCP might wish to convince the IEEE to
quickly double the Ethernet frame size in the interim (in deployed
networks as well, of course!) and the IETF to bump the IPv4
512-byte UDP margin.   :-)


Additionally:
++++++++++++

Work on the use of Elliptic Curve Signatures with DNSSEC urgently
needs to be resumed *now* (in DNSEXT).

EC keys and signatures will roughly be shorter than RSA keys and
signatures by a *factor* of 4..8, for comparable levels of security.


Kind regards,
  Alfred.


P.S:  Olafur:   s/ENDS0/EDNS0/g  !   :-)
                   ^^    ^^
      [ BTW, one of my favorite personal typos, as well! ]


-- 

+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes   |  Alfred Hoenes   Dipl.-Math., Dipl.-Phys.  |
| Gerlinger Strasse 12   |  Phone: (+49)7156/9635-0, Fax: -18         |
| D-71254  Ditzingen     |  E-Mail:  a...@tr-sys.de                     |
+------------------------+--------------------------------------------+

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to