The ecosystem is not yet ready fo ED25519, but the next KSK Rollover should definitely consider using ECDSA256 as a first choice. The KSK rollover process must include an algorithm change assessment step, where the responsible KSK rollover team would perform measurement of the algorithm change effect. With TLDs and big operators already running or deploying NIST EC algorithm, I believe the algorithm change to ECDSA would be the timed just right for the next rollover. JFTR The design team for the last KSK Rollover has specifically ruled out algorithm change (for details see the design document), but the next KSK rollover should definitely switch to EC algorithm. As a side note - the ROCA is a vulnerability in the implementation. This should not affect a key size decision making process in any way. Ondrej -- Ondřej Surý ondrej@sury.org
On 18 Dec 2019, at 11:40, Akira Kato <kato@wide.ad.jp> wrote:
I'd support Davey's idea to move ECDSA or ED25519 based algorithm to have better protection. It also contribute minimizing UDP fragmentation and TCP fallback. It has been shown in the case of .BR algorithm migration which was presented by NIC.BR people in Madrid ICANN meeting.
I understand it may not appropriate to schedule algorithm rollover in the next KSK rollover. But it may be essential that ICANN will announce that algorithm rollover may be performed in the second-next (KSK-2023?) rollver as well and that ICANN encourages people to be ready for efficient algorthm.
-- Akira Kato
From: Davey Song <songlinjian@gmail.com> Subject: Re: [RSSAC Caucus] INPUT REQUESTED: Proposal for Future Root Zone KSK Rollovers Date: Mon, 16 Dec 2019 11:34:05 +0800
then considerations should be proposed for using a longer KSK key length of 3072-bit RSA.
Larger size of key of RSA is not a right direction. If people think the 2048-bit RSA is strong enough, larger size of key will only result large size of DNSKEY and the response. If you think we should strengthen it, why not switch to ECC give a reasonable timeline in future.
Davey
rssac-caucus mailing list rssac-caucus@icann.org https://mm.icann.org/mailman/listinfo/rssac-caucus
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.