Re: [dnsext] Time vs bootstrap (was Re: draft-jabley-dnsop-validator-bootstrap-00)

Paul Wouters <> Tue, 01 February 2011 07:27 UTC

Date: Tue, 1 Feb 2011 02:30:17 -0500 (EST)
From: Paul Wouters <>
To: Brian Dickson <>
Cc: " WG" <>, Knight Dave <>, dnsext List <>
Subject: Re: [dnsext] Time vs bootstrap (was Re: draft-jabley-dnsop-validator-bootstrap-00)

On Tue, 1 Feb 2011, Brian Dickson wrote:

> However, once you have a trust anchor (root key) that you have a lot
> of confidence in, you can then do some cute DNSSEC tricks to get a
> rough idea of time, and then a better idea of time.
> First, look at the contents of the RRSIGs for the root. If you believe
> the RRSIGs, you also necessarily believe that the current time must be
> within the start/end time of those RRSIGs.

But if the root key was compromised, so would the RRSIGs? At least for the
view of the device - if the attacker cannot fool the client that the old
compromised root key is the real one, or preset a fake successor in some
history zone, then the attacker lost anyway.

> Next, consider what needs to happen for TLDs that update very frequently.
> When they update, their SOA SN needs to change.
> And, if they are signed zones, the SOA record's RRSIG needs to be
> generated when this happens.
> Using the start date/time of such an RRSIG on the SOA for such a zone,
> should give a pretty good value for the current time, to at least an
> accuracy of a couple of minutes.

That actually is a nice trick. Though I don't think it gets you accuracy on
the minute, but hours surely. org. got me within an hour, gov. within 3 hours.

> This may be good enough for DNSSEC purposes.

At least to then do ntp and see that it matches our rough expectation.
Though in all, if the attacker is your controlling upstream, you are lost.
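As an added illustration of the time-bounding trick discussed above (this is not code from the thread or from any DNSSEC validator), the following intersects the inception/expiration windows of RRSIGs the validator has already decided to believe, then narrows the bound with the SOA RRSIGs of frequently re-signed zones and checks an externally obtained clock value against it. The RRSIG lines and their signature fields are constructed sample data, and the code assumes the signatures were validated against the trusted root key before being fed in.

```python
from datetime import datetime, timezone

# Constructed sample RRSIGs in presentation format (signature field is a placeholder).
# Fields: owner TTL class RRSIG type alg labels origTTL expiration inception keytag signer sig
ROOT_RRSIGS = [
    ". 172800 IN RRSIG DNSKEY 8 0 172800 20110214000000 20110131000000 19036 . c2lnLWRhdGE=",
    ". 86400 IN RRSIG SOA 8 0 86400 20110207000000 20110131000000 21639 . c2lnLWRhdGE=",
]
# SOA RRSIGs of zones that are re-signed whenever their serial changes (constructed).
SOA_RRSIGS = [
    "org. 900 IN RRSIG SOA 7 1 900 20110215065000 20110201065000 12345 org. c2lnLWRhdGE=",
    "gov. 3600 IN RRSIG SOA 8 1 3600 20110208043000 20110201043000 54321 gov. c2lnLWRhdGE=",
]
_TS = "%Y%m%d%H%M%S"  # RRSIG timestamps are YYYYMMDDHHmmSS in UTC


def parse_rrsig(line):
    """Return (owner, type_covered, inception, expiration) from one RRSIG line."""
    f = line.split()
    if len(f) < 13 or f[3] != "RRSIG":
        raise ValueError("not an RRSIG record: %r" % line)
    expiration = datetime.strptime(f[8], _TS).replace(tzinfo=timezone.utc)
    inception = datetime.strptime(f[9], _TS).replace(tzinfo=timezone.utc)
    return f[0], f[4], inception, expiration


def time_bound(lines):
    """Intersect the validity windows of the believed RRSIGs.

    If those signatures are genuine, the real 'now' lies in [lo, hi].
    Non-overlapping windows mean the set is inconsistent (bad data or a
    forged/stale signature) and no bound can be derived."""
    sigs = [parse_rrsig(line) for line in lines]
    lo = max(s[2] for s in sigs)
    hi = min(s[3] for s in sigs)
    if lo > hi:
        raise ValueError("RRSIG validity windows do not overlap")
    return lo, hi


def estimate_now(lines):
    """Latest inception among frequently re-signed SOA RRSIGs: a lower bound
    that sits close to the present, since such zones re-sign often."""
    return time_bound(lines)[0]


def consistent(candidate, bound):
    """Check a clock value (e.g. one obtained from NTP) against the DNSSEC bound."""
    lo, hi = bound
    return lo <= candidate <= hi
```

With the root RRSIGs alone the bound is a week wide; adding the org. and gov. SOA signatures pulls the lower edge to within an hour of the (constructed) present, and `consistent()` is the "see that NTP matches our rough expectation" step.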