[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: I-D Action:draft-ietf-dnsext-dnssec-rsasha256-02.txt

To: <namedroppers@ops.ietf.org>
Subject: RE: I-D Action:draft-ietf-dnsext-dnssec-rsasha256-02.txt
From: "Scott Rose" <scottr@nist.gov>
Date: Wed, 12 Dec 2007 08:20:26 -0500
In-reply-to: <475F94DC.5030408@NLnetLabs.nl>

> -----Original Message-----
> From: owner-namedroppers@ops.ietf.org
> [mailto:owner-namedroppers@ops.ietf.org]On Behalf Of Jelte Jansen>
>
> Thanks, very good points.
>
> Michael StJohns wrote:
> > A couple of comments and questions:
> >
> > Since 3110 permits RSA keys as short as 512 bits you should
> probably note that SHA512 can't be used with keys of that length
> due to padding considerations.  Per PKCS1 the hash size has to be
> at least 11 octets shorter than the key length.
> >
>
> Yes, a discussion about lengths (both of keys and signatures) is missing
> and will be added. Also, I structured the document so that if we do
> decide on adding or removing specific algorithms from the SHA-2
> document, it's easily done. Although I think that with 256 and 512 we
> have an acceptable middle ground between needs and combination-complexity.
>
> > The ID lists allocations for SHA256-NSEC3 etc - but there's no
> body text related to NSEC3.  This is probably not the right place
> to list those allocations.  Given that NSEC3 ID still isn't
> closed (or may only have closed today) it may be more appropriate
> to list the allocations there.
> >
>
> It kind of depends which document gets finalized first. It seems that
> NSEC3 will be finalized before this document, in which case I think this
>  (sha2) document will be the right place. There should indeed be some
> actual text and a reference in that case. If this document would seem to
> be done first, I'll remove the NSEC3 references altogether.
>

From the discussion about the -13 draft, I hope that gets out soon.
Probably before this.

>
> > Following the item above on key length, there needs to either
> be a discussion of the appropriate hash algorithm to use with
> which key lengths or a pointer a document which describes this
> (e.g. NIST 800-57) or preferably both.
> >
>
> Ok
>

NIST 800-57 Part 1 (specifically) gives the recommended key lengths based on
minimum bits of security.  Not sure where this should be added - security
considerations?

Scott

> Jelte
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHX5Tc4nZCKsdOncURAknaAKCyGulawnZE+F0BV1IjVkuX4npsywCfcdWd
> gdOuyktmcLs7e3DilGaGbDs=
> =SEeM
> -----END PGP SIGNATURE-----
>
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/namedroppers/>
>



--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

References:
- Re: I-D Action:draft-ietf-dnsext-dnssec-rsasha256-02.txt
  - From: Jelte Jansen <jelte@NLnetLabs.nl>

Prev by Date: Re: NSEC-13 conclusion
Next by Date: Protocol Action: 'DNSSEC Hashed Authenticated Denial of Existence' to Proposed Standard
Previous by thread: Re: I-D Action:draft-ietf-dnsext-dnssec-rsasha256-02.txt
Next by thread: NSEC-13 conclusion
Index(es):
- Date
- Thread