Nov 29 – 30, 2021
UTC timezone
OARC 36 Day 1 - begins 14:00 UTC Today 29 November

Measurement of DNSSEC Validation with RSA-4096

Nov 30, 2021, 10:00 AM
Standard Presentation Online Workshop OARC 36 Day 2


Geoff Huston (APNIC)


IN this presentation we motivate why there is a need to consider using larger keys for RWSA in the context of DNSSEC. We then describe a measurement experiment that looks at the success rate of using 4,096 bit signing keys in DNSSEC. We conclude with some thoughts as to the option between using ECDSA P-256 and RSA-4096 to counter the potential threat of quantum computing to this form of application of cryptography.

Primary authors

Geoff Huston (APNIC) Joao Luis Silva Damas (Bond Internet Systems)

Presentation materials