[dnssec-deployment] binary arthimatic
Olaf M. Kolkman
olaf at ripe.net
Tue Dec 21 04:24:02 EST 2004
I am not quite sure where Bill's question originates from.
On Mon, 20 Dec 2004 15:14:46 -0500
"Scott Rose" <scottr at nist.gov> wrote:
> Can't say if I really agree with it or not, but considering most .gov
> policies go with "use a minimum of X bits", the NIST DNS Security guide will
> state something along the lines of choice a) (smallest key).
>
> I don't know if that is sufficient, but it should be. Enough thought goes
> into determining the minimum length (by people smarter than I), to put trust
> in it.
>
Anybody read draft-ietf-dnsop-dnssec-operational-practices? (Bill if you are
going to deploy I would appreciate a thoughough review and your comments on
what is missing).
We have a keylength considderations in there. We are about to
pop a new version. Maybe even today, if you want a snapshot from the CVS
please contact me.
-- Olaf
---------------------------------| Olaf M. Kolkman
---------------------------------| RIPE NCC
More information about the Dnssec-deployment
mailing list