Re: [dnsext] DNSSEC, robustness, and several DS records

"George Barwood" <> Wed, 11 May 2011 17:28 UTC

Message-ID: <C7A4C74DA86C4A5A977C0902C1D2795E@local>
From: "George Barwood" <>
To: "Paul Hoffman" <>, "Stephane Bortzmeyer" <>
Date: Wed, 11 May 2011 18:28:17 +0100

>   If there is a known preimage attack on SHA-1 that reduces its
>   effective strength to less than 128 bits,
>   validator implementations SHOULD ignore DS RRs containing SHA-1
>   digests if DS RRs with SHA-256 digests are present in the DS RRset.

The problem is that we don't know if such attacks exist, and, more practically,
it's hard to update software. So it seems better to plan for the worst.

Besides, implementations may want to use dual algorithms, for example
elliptic curve plus RSA with a moderate size key, on the basis that it's
unlikely that anyone would be able to break both.

I really doubt having resolvers trying to fix up data errors is the way forward.

I think the real fix for mishaps uploading DS records is to have better
in-protocol support. The proposed CDS RRtype is aimed at this:
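The digest-type preference rule quoted at the top of this message (RFC 4509 section 3), worked through as an added example that is not the author's code nor any real resolver's: it computes DS digests and key tags for constructed DNSKEYs, applies the "ignore SHA-1 DS when SHA-256 DS is present" rule, and shows which keys a validator would then accept. The owner name, key bytes and the `make_ds` helper are constructed for the example.

```python
import hashlib
import struct

# DS digest type codes (RFC 4034 / RFC 4509): 1 = SHA-1, 2 = SHA-256.
DIGEST_FUNCS = {1: hashlib.sha1, 2: hashlib.sha256}

def name_to_wire(name):
    """Canonical (lowercase) wire-format owner name: length-prefixed labels, root 0x00."""
    labels = [l for l in name.rstrip(".").lower().split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def dnskey_rdata(flags, algorithm, pubkey):
    """DNSKEY RDATA: flags (2 bytes), protocol (always 3), algorithm, public key."""
    return struct.pack("!HBB", flags, 3, algorithm) + pubkey

def key_tag(rdata):
    """Key tag per RFC 4034 Appendix B (valid for all algorithms except 1)."""
    acc = 0
    for i, b in enumerate(rdata):
        acc += b if i & 1 else b << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF

def ds_digest(owner, rdata, digest_type):
    """DS digest = hash(canonical owner name || DNSKEY RDATA)."""
    return DIGEST_FUNCS[digest_type](name_to_wire(owner) + rdata).digest()

def make_ds(owner, key, digest_type):
    """The DS record a parent would publish for this key (constructed test data)."""
    rdata = dnskey_rdata(*key)
    return {"key_tag": key_tag(rdata), "algorithm": key[1],
            "digest_type": digest_type, "digest": ds_digest(owner, rdata, digest_type)}

def usable_ds(ds_rrset):
    """RFC 4509 section 3: ignore SHA-1 DS RRs when any SHA-256 DS RR is present."""
    if any(ds["digest_type"] == 2 for ds in ds_rrset):
        return [ds for ds in ds_rrset if ds["digest_type"] != 1]
    return list(ds_rrset)

def authenticated_keys(owner, dnskeys, ds_rrset):
    """Return the DNSKEYs (flags, alg, pubkey) that some usable DS record vouches for."""
    good = []
    for key in dnskeys:
        rdata = dnskey_rdata(*key)
        tag = key_tag(rdata)
        for ds in usable_ds(ds_rrset):
            if (ds["key_tag"], ds["algorithm"]) != (tag, key[1]):
                continue
            if ds["digest_type"] in DIGEST_FUNCS and \
               ds["digest"] == ds_digest(owner, rdata, ds["digest_type"]):
                good.append(key)
                break
    return good

# Constructed keys for "example." (algorithm 8; the public key bytes are dummies).
KEY_A = (257, 8, b"\x01\x02\x03\x04")
KEY_B = (256, 8, b"\xaa\xbb")
```

With DS records {A/SHA-1, A/SHA-256, B/SHA-1} published, the rule leaves only A's SHA-256 DS usable, so KEY_B is not authenticated even though its SHA-1 DS is correct; that is the robustness cost the message argues about.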