Secure Domain Name System (DNS) Deployment 2026 Guide [pdf]

> 864000 seconds (1 day)

Could use some proofreading.

> ECC algorithms with smaller key sizes would be more vulnerable to a quantum attack, as it would require a currently theoretical quantum computer with fewer qubits than would be required for an RSA key with the same cryptographic strength [25].

This is what keeps me skeptical about ECC. RSA is really chunky, and maybe that's a fundamental advantage from an information theory perspective. Compromising on the crypto scheme because we can't fit inside UDP seems like a cursed path.

[25]: https://arxiv.org/abs/1706.06752

I do wish these types of document were published as HTML and not just as PDF.