[dns-dir] some comments on draft-os-ietf-sshfp-ecdsa-sha2-04.txt
Peter Koch <pk@DENIC.DE> Wed, 04 January 2012 18:17 UTC
Return-Path: <peter@denic.de>
X-Original-To: dns-dir@ietfa.amsl.com
Delivered-To: dns-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA99321F85EA for <dns-dir@ietfa.amsl.com>; Wed, 4 Jan 2012 10:17:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DzV3Bjh8pN6a for <dns-dir@ietfa.amsl.com>; Wed, 4 Jan 2012 10:17:11 -0800 (PST)
Received: from office.denic.de (office.denic.de [IPv6:2a02:568:122:16:1::4]) by ietfa.amsl.com (Postfix) with ESMTP id EA80F21F8551 for <dns-dir@ietf.org>; Wed, 4 Jan 2012 10:17:10 -0800 (PST)
Received: from x27.adm.denic.de ([10.122.64.128]) by office.denic.de with esmtp id 1RiVOf-0002OY-HE; Wed, 04 Jan 2012 19:17:09 +0100
Received: from localhost by x27.adm.denic.de with local id 1RiVOf-0007e8-CJ; Wed, 04 Jan 2012 19:17:09 +0100
Date: Wed, 04 Jan 2012 19:17:09 +0100
From: Peter Koch <pk@DENIC.DE>
To: Ondrej Sury <ondrej.sury@nic.cz>
Message-ID: <20120104181709.GP13424@x27.adm.denic.de>
Mail-Followup-To: Ondrej Sury <ondrej.sury@nic.cz>, dns-dir@ietf.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.4.2.3i
Sender: Peter Koch <peter@denic.de>
Cc: dns-dir@ietf.org
Subject: [dns-dir] some comments on draft-os-ietf-sshfp-ecdsa-sha2-04.txt
X-BeenThere: dns-dir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF DNS directorate discussion list <dns-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-dir>, <mailto:dns-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dns-dir>
List-Post: <mailto:dns-dir@ietf.org>
List-Help: <mailto:dns-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-dir>, <mailto:dns-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2012 18:17:11 -0000
Hi Ondrej, i came across another review of <draft-os-ietf-sshfp-ecdsa-sha2-04.txt> and would like to add some remarks. I've copied the DNS Directorate for information. Not sure what the status of the draft is - the datatracker confuses me by claiming 'wg document', but i do not see which WG? Generally the draft looks like a good idea! To start with some formalities, the header and abstract claim the draft updates RFC 4255. I would suggest it does not. It updates two IANA registries defined and seeded by RFC 4255, but it does not (to my reading) change any content of RFC 4255. If it were to update 4255, it should probably adjust the registry policies from "IETF consensus" as per RFC 2434 to "IETF Review" as per RFC 5226, but that's probably for another venue to discuss. Second, the document aims at Standards Track and I do not see why. An IETF/IESG reviewed RFC would be sufficient. Not saying it should be less than ST, but what's the purpose here? Later serving as normative reference? In section 3.2 the use of an ECDSA fingerprint is defined. I could not find the description of the Fingerprint in RFC 5656. Furtheron it reads ECDSA public key fingerprints MUST use the SHA-256 algorithm for the fingerprint as using the SHA-1 algorithm would weaken the security of the key. First, could the claim 'would weaken the security' be substantiated (maybe by reference) a bit? Second, what is the consequence, i.e. who is supposed to act on a violation? Is it the DNS implementation (hard to achieve with 'transparent' RR types), the DNS operator or the consuming entity? I would suggest to reverse the logic here and only demand that a consuming party MUST ignore SHA-1 FPs for ECDSA. In 4.1, the SHA-256 fingerprint is introduced. The consuming entity is advised "Secure Shell implementations which support SHA-256 fingerprints MUST prefer a SHA- 256 fingerprint over SHA-1 if both are available for a server. If the SHA-256 fingerprint is tested and does not match the supplied key, then the key MUST be rejected rather than testing the alternative SHA-1 fingerprint." This assumes that both FPs are for the same key? Couldn't it happen that the server offers an RSA and an ECDSA key, using SHA-1 for the former and ECDSA for the latter? Nit: Add some text after the headline "5. Examples", e.g. The following examples provide reference for both the newly defined ECDSA algorithm number and the use of the SHA-256 fingerprint combined with both the new and the existing algorithm numbers. The examples refer to "OpenSSH format" without any reference. The references to the DNSSEC RFCs are probably informative only. Best regards, Peter
- [dns-dir] some comments on draft-os-ietf-sshfp-ec… Peter Koch
- Re: [dns-dir] some comments on draft-os-ietf-sshf… Ondřej Surý
- Re: [dns-dir] some comments on draft-os-ietf-sshf… Ondřej Surý
- Re: [dns-dir] some comments on draft-os-ietf-sshf… Ralph Droms
- Re: [dns-dir] some comments on draft-os-ietf-sshf… Ondřej Surý