[Ext] Re: FOR REVIEW: RSSAC Statement on IANA's Proposal for Future Root Zone KSK Rollovers

Paul Hoffman paul.hoffman at icann.org
Wed Jan 8 23:46:45 UTC 2020

On Jan 8, 2020, at 3:38 PM, Wessels, Duane <dwessels at verisign.com> wrote:
> I have a couple of thoughts.
> A number of people have been advocating for algorithm change for many years now.  So it seems justified that IANA should take on work to study and plan for that.  I don't get the sense that there is a lot of demand from the community about a length change, or at least not yet.  You said the research is nascent.

The community has indeed been advocating for an algorithm change. That seems to be based on key size, not on quantum resistance. There is also the possibility that whatever quantum-resistant signing algorithm comes out of the NIST competition is suitable for DNSSEC (which it very well might not be due to the size of signatures, keys, or both).

> I worry that, as written, there is ambiguity.  Is RSSAC requesting a single study that
> would evaluate both alg roll and length change?  or separate studies?  Would a single study
> on length change only satisfy the recommendation (since it says "or")?

The latter was what I intended, but I see where there is ambiguity. Better wording might be "... studying and documenting a comprehensive approach to an algorithm rollover, or to a key length change, ...".

> Is the underlying message "RSSAC thinks IANA should be prepared with a length change plan?"  or is it "if IANA wants to change the length RSSAC wants a chance to review the plan?"

The latter, definitely. Is the new proposal above sufficient for that? Or do you have clearer wording?

Or should we not say anything to IANA about wanting to have a public plan if they decide to do an RSA key length change?

