Counterproductive how and to what/whom? For the sake of keeping DNS TXT entries ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		daneel_w on Jan 8, 2025 \| parent \| context \| favorite \| on: Cracking a 512-bit DKIM key for less than $8 in th... Counterproductive how and to what/whom? For the sake of keeping DNS TXT entries and e-mail headers compact? Would you stand by this statement also in the context of a certificate authority's root signing key, or an RSA host key for an ssh daemon?

tptacek on Jan 8, 2025 [–]

There is no plausible threat to 2048, but you'd still rather people switch off RSA, either to curves (because they're more resilient) or to lattices (for post-quantum). Pushing people to higher RSA key sizes is a waste of effort.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact