I agree with Viktor and I believe this is what the draft currently says and recommends.

Ondřej
--
Ondřej Surý — ISC

> On 23 Mar 2018, at 15:58, Viktor Dukhovni <[email protected]> wrote:
>
>> On Thu, Mar 22, 2018 at 01:27:38PM -0400, Paul Wouters wrote:
>>
>> I think this text also needs an update:
>>
>>    RSASHA1 and RSASHA1-NSEC3-SHA1 are widely deployed, although zones
>>    deploying it are recommended to switch to ECDSAP256SHA256 as there is
>>    an industry-wide trend to move to elliptic curve cryptography.
>>
>> They should switch away from SHA1 as SHA1 is being deprecated industry
>> wide. Even if we recommend to move away from RSA (which I'm not sure if there
>> is consensus on) to ECC, I would like to move them to ED25519/ED448 over
>> the ECDSA* variants.
>
> I think it is, unfortunately, much too early for such a move. For
> example, on Unix systems the requisite OpenSSL 1.1.x libraries that
> provide the Edwards EC algorithms are not yet out of beta! It
> will be some years before Ed25519 and Ed448 can be expected to be
> widely supported by resolvers. Therefore, I would still strongly
> recommend ECDSA, which is widely supported.
>
> We should certainly encourage the implementation of Ed25519/Ed448
> in resolver and nameserver implementations, but it is much too
> early for adoption, beyond dual DS/KSKs, one ECDSA and another
> Ed25519, with the client choosing whichever it prefers. ZSKs should
> IMHO migrate to ECDSA for now to alleviate packet size issues.
>
>> If it is too soon for that now, I would simply not recommend moving away
>> from RSA. And maybe make ECDSAP256SHA256 a MAY instead of a MUST.
>
> I disagree. ECDSA is widely adopted, and more adoption will help
> to reduce packet sizes and improve performance of online signing
> where desired (load-balanced responses with DNSSEC, ...).
>
> --
> Viktor.

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
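The two points Viktor makes above, that a dual ECDSA/Ed25519 DS set lets each validator follow whichever algorithm it supports and that moving ZSKs to ECDSA shrinks responses, can be made concrete with the wire sizes from RFC 3110, RFC 6605 and RFC 8080. This is an added illustration, not code from the thread or from any DNS implementation; the resolver support sets, the signer name `example.` and the response scenario are constructed assumptions.

```python
"""Added example (not from the thread): validator algorithm choice with a
dual DS set, and the DNSKEY/RRSIG wire cost of each algorithm discussed."""
from typing import Iterable, Optional

# IANA DNSSEC algorithm number -> (mnemonic, public-key bytes, signature bytes).
# RSA rows assume a 2048-bit modulus with exponent 65537, encoded per RFC 3110
# as 1-byte exponent length + 3-byte exponent + 256-byte modulus.
ALGS = {
    5:  ("RSASHA1",            260, 256),
    7:  ("RSASHA1-NSEC3-SHA1", 260, 256),
    8:  ("RSASHA256",          260, 256),
    13: ("ECDSAP256SHA256",     64,  64),   # RFC 6605: x||y key, r||s signature
    15: ("ED25519",             32,  64),   # RFC 8080
    16: ("ED448",               57, 114),   # RFC 8080
}
DNSKEY_FIXED = 4    # flags(2) + protocol(1) + algorithm(1)
RRSIG_FIXED = 18    # type covered, alg, labels, orig TTL, expiry, inception, key tag

def dnskey_rdata_len(alg: int) -> int:
    return DNSKEY_FIXED + ALGS[alg][1]

def rrsig_rdata_len(alg: int, signer_wire_len: int = 9) -> int:
    """Signer name defaults to the 9-byte wire form of 'example.' (constructed)."""
    return RRSIG_FIXED + signer_wire_len + ALGS[alg][2]

def choose_algorithm(ds_algs: set, supported: set,
                     preference: Iterable[int]) -> Optional[int]:
    """Pick the DS algorithm a validator follows. With a dual DS set (13 and 15)
    any supported one suffices. If none is supported the validator has no
    authentication path and treats the zone as insecure (RFC 4035 section 5.2),
    signalled here by returning None."""
    for alg in preference:          # "the client choosing whichever it prefers"
        if alg in ds_algs and alg in supported:
            return alg
    return None

def savings_vs_rsa(alg: int, rrsets_signed: int) -> int:
    """Bytes saved in a response carrying `rrsets_signed` RRSIGs (constructed
    scenario) when the ZSK uses `alg` instead of 2048-bit RSASHA256."""
    return rrsets_signed * (rrsig_rdata_len(8) - rrsig_rdata_len(alg))

if __name__ == "__main__":
    for alg, (name, _, _) in ALGS.items():
        print(f"{name:20} DNSKEY rdata={dnskey_rdata_len(alg):4}"
              f"  RRSIG rdata={rrsig_rdata_len(alg):4}")
    dual_ds, prefer = {13, 15}, [15, 13, 8]
    print("RSA+ECDSA resolver :", choose_algorithm(dual_ds, {5, 7, 8, 13}, prefer))
    print("Ed25519-aware      :", choose_algorithm(dual_ds, {8, 13, 15, 16}, prefer))
    print("RSA-only resolver  :", choose_algorithm(dual_ds, {5, 7, 8}, prefer))
```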
