Oct. 20, 2014
8:22 p.m.
Hi David, At 12:50 20-10-2014, David Conrad wrote:
Unrelated to KSK change, but as we discussed it in the workshop...
https://kivo.com/p/h985rFcI, slides 37-39
Dr. Bernstein notes (page 38): "Analyses in 2003 concluded that RSA-1024 was breakable; e.g., 2003 Shamir-Tromer estimated 1 year, USD $10^7"
I'm a bit disappointed at the lack of caveats in Dr. Bernstein's slides.
There was some discussion about the topic previously (see comment at https://www.ietf.org/mail-archive/web/dnsop/current/msg11541.html ). Regards, S. Moonesamy