Just as an example of how easy* it is for even experts to screw these things up, Viktor's followup email suggests that tools should enforce parameters.<p>One of his suggestions:<p>> exponent is unconditionally 65535 (F_4)<p>The value for public exponent F_4 is actually 65537 (a low hamming weight prime), not 65535.<p>* This comment originally read "hard" instead of "easy", which I <i>totally</i> did on purpose as a joke but fixed because it was confusing.
<p><pre><code> RR count | length
---------+--------
107 | 131 (1024-bit with exponent 65337 == 3*29*751)
</code></pre>
What the hell? I can imagine the occasional person typing 65337 when they mean 65537, but <i>107</i> such records?
This aligns with at least one person's predictions about the use of weak encryption and high margin for error of setting up and maintaining DNSSEC. He occasionally presents on the "DNS Security Mess" and has long highlighted this among DNSSEC's various flaws, with examples of the screw ups so far and their consequences.