[RSSAC Caucus] FOR REVIEW: RSSAC Statement on IANA's Proposal for Future Root Zone KSK Rollovers

Wessels, Duane dwessels at verisign.com
Wed Jan 8 23:38:06 UTC 2020 

Hi Paul,

I have a couple of thoughts.

A number of people have been advocating for algorithm change for many years now.  So it seems justified that IANA should take on work to study and plan for that.  I don't get the sense that there is a lot of demand from the community to about a length change, or at least not yet.  You said the research is nascent.

I worry that, as written, there is ambiguity.  Is RSSAC requesting a single study that
would evaluate both alg roll and length change?  or separate studies?  Would a single study
on length change only satisfy the recommendation (since it says "or")?

Is the underlying message "RSSAC thinks IANA should be prepared with a length change plan?"  or is it "if IANA wants to change the length RSSAC wants a chance to review the plan?"

DW



> On Jan 8, 2020, at 1:31 PM, Paul Hoffman <paul.hoffman at icann.org> wrote:
> 
> All: I have made one proposed addition to a sentence that was added during the call. The sentence read:
> 
>  However, the RSSAC would like to see a stronger commitment from IANA to begin
>  studying and documenting a comprehensive approach to an algorithm rollover,
>  and have that plan subject to public review.
> 
> I think we should mention key length changes:
> 
>  However, the RSSAC would like to see a stronger commitment from IANA to begin
>  studying and documenting a comprehensive approach to an algorithm rollover or key length change,
>  and have that plan subject to public review.
> 
> I bring this up because IANA might choose not to change algorithms for a long time, but might want to change the key length to avoid issues with crypto-breaking quantum computers that attack RSA keys. There is nascent research that suggests that crypto-breaking quantum computers that attack elliptic curve keys might be easier to construct than ones that attack RSA keys, and simply using longer RSA keys could significantly reduce the ability for crypto-breaking quantum computers to break them.
> 
> Thoughts?
> 
> --Paul Hoffman_______________________________________________
> rssac-caucus mailing list
> rssac-caucus at icann.org
> https://mm.icann.org/mailman/listinfo/rssac-caucus
> 
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4695 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/rssac-caucus/attachments/20200108/f4f6369c/smime.p7s>

More information about the rssac-caucus mailing list