Se connecter

Recherches récentes

Aucune recherche récente

Options de recherche

Disponible uniquement lorsque vous êtes connecté.
framapiaf.org est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Un service Mastodon fourni par l'association d’éducation populaire Framasoft.

Administré par :

Statistiques du serveur :

1,4K
comptes actifs

framapiaf.org: À proposÉtatAnnuaire des profilsPolitique de confidentialité

Mastodon: À proposTélécharger l’applicationRaccourcis clavierVoir le code sourcev4.3.7

Public
John Shaft

Totally missed that information : a new #KSK for the root zone was generated during Root KSK Ceremony 49 last April. It's still a RSA 2048-bits key and it's keytag is 46211 if I read the log correctly

KSK Rollover incoming ! (in 2-3 years ^^)

iana.org/dnssec/ceremonies/49

www.iana.orgRoot KSK Ceremony 49
#DNS#DNSSEC
Public
Haelwenn /элвэн/ :triskell:
@shaft RSA 2048-bits seems a bit strange, is there a reason they're not switching to RSA 4096-bits or a better algorithm?
Patrick Mevzek

@lanodan @shaft This thread might be of interest to you: mailarchive.ietf.org/arch/msg/ My understanding of the current trends and global points of view is that after RSA 2048 it is better to focus energy on switching to elliptic curves based algorithms and just shield away from RSA completely. For both reasons on size consequences of what is exchanged as DNS packets, and for fears of strength against quantum computing.

mailarchive.ietf.org[DNSOP] Whiskey Tango Foxtrot on key lengths...Search IETF mail list archives
20 sept. 2023, 17:34·Public
0boost·2favoris
ExplorerFlux en direct
À propos