Hi Vladimir

I tried switching to the ED25519 algorithm, but then home users could no longer resolve anything in the zone because the resolvers are too old/incomplete.
So, to stay resolvable I was hoping to work around that with two algorithms.

Partially hoping that, with the zone using the newer algorithm, over time more resolvers would be upgraded.
Like with TLS 1.3, more clients will support it if most servers already have it enabled by default.

Cheers,
Stefan


On Fri, 23 Jul 2021 at 16:28, Vladimír Čunát <vladimir.cunat@nic.cz> wrote:
Hello.

On 23/07/2021 16.13, Schindler, Stefan wrote:
> Because for some reason a lot of ISP resolvers support RSA only while
> I would like to future-proof my zone with ED25519 at the same time.

As the current DNSSEC standards go, I think it's normally not worth
using two algorithms at once on a single zone (except temporarily when
changing from one to another).  Validators will succeed when validation
with *any* of the algorithms succeeds. Therefore adding a stronger algo
won't make the result stronger (attackers can choose which one to
compromise) - at least until the weaker algo gets (commonly) considered
as insecure.

Weirdly enough, DNSSEC validators do not do that even with short RSAs -
one problem is that the standardized (non-)support mechanism is independent
of key length.  That's OK for the new fixed-length algos but not so much
for RSA.

--Vladimir | knot-resolver.cz
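The validator behaviour the thread turns on (any supported algorithm that verifies is enough, so a second algorithm adds reach but not strength) can be modelled in a few lines. The following is an added example, not code from either participant or from Knot Resolver. It follows the outcome rules of RFC 4035 section 5 (a zone whose DS algorithms the validator does not implement is treated as insecure, not bogus) and the signing rule of RFC 6840 section 5.11 (every algorithm in the DNSKEY RRset must sign every RRset). The algorithm numbers are the real IANA DNSSEC values; the zone and resolver scenarios are constructed.

```python
"""Toy model of DNSSEC validation outcomes for a zone signed with more than one algorithm.

Constructed example, not code from the thread's participants or from Knot Resolver.
Only the IANA algorithm numbers below are real; the scenarios are made up for illustration.
"""

# IANA DNS Security Algorithm Numbers (real values).
RSASHA1 = 5
RSASHA256 = 8
ECDSAP256SHA256 = 13
ED25519 = 15


def validation_state(ds_algs, supported_algs, verified_rrsig_algs):
    """Outcome a single validator reaches for one answer from the zone.

    ds_algs:             algorithms listed in the parent's DS records for the zone
    supported_algs:      algorithms this validator implements
    verified_rrsig_algs: algorithms for which an RRSIG over the answer verified
                         under a DNSKEY chained to one of those DS records
    Returns "secure", "insecure" or "bogus" (RFC 4035 section 5 terminology).
    """
    usable = ds_algs & supported_algs
    if not usable:
        # RFC 4035 5.2: no DS algorithm the validator understands -> treat the
        # delegation as unsigned.  Resolvers that instead fail here are the
        # "too old/incomplete" ones the thread complains about.
        return "insecure"
    if usable & verified_rrsig_algs:
        # Any one verifying chain is enough; the other algorithms are ignored.
        return "secure"
    return "bogus"


def sufficient_algorithms(ds_algs, supported_algs):
    """Algorithms any ONE of which, if its chain verifies, makes the answer secure.

    Security against forgery therefore rests on the weakest member of this set,
    which is why adding ED25519 next to RSA does not strengthen the zone.
    """
    return ds_algs & supported_algs


def missing_signing_algorithms(dnskey_algs, rrsig_algs):
    """Algorithms present in the DNSKEY RRset that did not sign an RRset.

    RFC 6840 section 5.11 requires every algorithm in the DNSKEY RRset to sign
    every RRset; a non-empty result is a signer-side policy violation that some
    validators reject.
    """
    return dnskey_algs - rrsig_algs


def scenarios():
    """Constructed scenarios mirroring the thread; returns {name: outcome}."""
    dual_ds = {RSASHA256, ED25519}
    old_isp_resolver = {RSASHA1, RSASHA256}          # RSA only
    modern_resolver = {RSASHA256, ECDSAP256SHA256, ED25519}
    return {
        # Dual-signed zone, RSA-only resolver: validates via RSA.
        "dual zone / old resolver": validation_state(dual_ds, old_isp_resolver, dual_ds),
        # ED25519-only zone, RSA-only resolver: standard says insecure, not a failure.
        "ed25519 zone / old resolver": validation_state({ED25519}, old_isp_resolver, {ED25519}),
        # Dual-signed zone, modern resolver, only the RSA chain verifies: still secure.
        "dual zone / modern resolver / rsa only verifies": validation_state(
            dual_ds, modern_resolver, {RSASHA256}),
        # Dual-signed zone where no chain verifies at all.
        "dual zone / modern resolver / nothing verifies": validation_state(
            dual_ds, modern_resolver, set()),
    }


if __name__ == "__main__":
    for name, state in scenarios().items():
        print(f"{name:50s} -> {state}")
    print("algorithms that each suffice on a modern resolver:",
          sorted(sufficient_algorithms({RSASHA256, ED25519},
                                       {RSASHA256, ECDSAP256SHA256, ED25519})))
    print("DNSKEY algorithms left unsigned:",
          sorted(missing_signing_algorithms({RSASHA256, ED25519}, {RSASHA256})))
```

The model deliberately knows nothing about key length: `supported_algs` is a set of algorithm numbers only, which is exactly the gap the second paragraph of the reply points at, since a validator signals (non-)support per algorithm, not per RSA modulus size.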