DNSSEC Best Practices

• Previous message (by thread): DNSSEC Best Practices
• Next message (by thread): DNSSEC Best Practices
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed 2021-04-28 12:02:18+0200 Mark wrote:
> On 4/28/21 11:51, Tony Finch wrote:
> 
> > Yes. I recommend p256 because the security advantages of p384 are
> > not significant enough to justify the increased costs in space
> > (packet size) and time.  
> 
> Both 13 and 14 are already smaller than 8 (which is the most widely 
> deployed algorithm today).

For those interested, actual numbers for algorithm deployment can be
found in the DNSSEC parameter frequency analysis section of
https://stats.dnssec-tools.org/.


-- 
Robert Story <http://www.isi.edu/~rstory>
USC Information Sciences Institute <http://www.isi.edu/>

• Previous message (by thread): DNSSEC Best Practices
• Next message (by thread): DNSSEC Best Practices
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]