Geoff Huston (APNIC)
IN this presentation we motivate why there is a need to consider using larger keys for RWSA in the context of DNSSEC. We then describe a measurement experiment that looks at the success rate of using 4,096 bit signing keys in DNSSEC. We conclude with some thoughts as to the option between using ECDSA P-256 and RSA-4096 to counter the potential threat of quantum computing to this form of application of cryptography.
Geoff Huston (APNIC) Joao Luis Silva Damas (Bond Internet Systems)