On 16/04/2011, at 5:12 AM, Stephen Kent wrote:

> Robert,
>
> First let me apologize as I accidentally put in "bytes" where I meant "bits"
> in the examples I provided. Whoops! RSA 2K keys are 2K bits, i.e., 256 bytes
> (not 2K bytes). And, 2K RSA sig is the default, as this matches the key sizes
> we have already agreed upon for the RPKI certs. Still, a 20-hop path with RSA
> 2K (bit) sigs exceeds the 4K (byte) max UPDATE size, without any other
> overhead. Sorry for the confusion.
>
>>
>> - What is the maximum key length possible and how big would be the RSA
>> signature with such key length?
>
> There is no max key size, but it does not make sense to push for bigger RSA
> key sizes, instead of moving to more efficient (in space and computation) sig
> algorithms. The sig size for RSA is the same size as the key.
>
> The likely successor algs are DSA or EC-DSA, which use smaller keys, but offer
> security equivalent to the larger RSA key sizes. The key sizes for those
> algorithms yield 128 or 256-bit sigs, under current hash algs.
>
>> - What are the other path security data and what their size might be min-max.
>
> I defer to Matt Lepinski for the details of the other data, as he is the
> author of the BGPSEC protocol doc.

I was doing a similar mental sum in my head and 256 bytes per sig is not a lot. As far as I am aware the only other added per-AS part of the attribute is the SKI of the public key. Presumably this is also 256 bytes. So that's 500 bytes per AS, and for a 20 AS path that's 10K in additional data. Is my back of the envelope anywhere near in the right ball park?

Geoff
