Re: [dnsext] DNSSEC, robustness, and several DS records
Matt McCutchen <matt@mattmccutchen.net> Thu, 12 May 2011 04:24 UTC
From: Matt McCutchen <matt@mattmccutchen.net>
To: Doug Barton <dougb@dougbarton.us>
In-Reply-To: <4DCB4421.5020306@dougbarton.us>
References: <201105112250.p4BMoQZk020211@givry.fdupont.fr> <4DCB2E3F.4030701@dougbarton.us> <20110512015806.209E0EAF182@drugs.dv.isc.org> <4DCB4421.5020306@dougbarton.us>
Date: Thu, 12 May 2011 00:24:04 -0400
Message-ID: <1305174244.2793.8.camel@localhost>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] DNSSEC, robustness, and several DS records
On Wed, 2011-05-11 at 19:21 -0700, Doug Barton wrote:
> On 05/11/2011 18:58, Mark Andrews wrote:
> > The scenario is that you have broken SHA-1 and can construct a working
> > DNSKEY which matches what the parent is publishing but have not
> > broken SHA-256. If you trust SHA-1 then the attack works. If you
> > don't trust SHA-1 the attack fails. The RFC is assuming this will
> > happen before the reverse and is telling implementors to code for
> > it as if it was a current threat.
>
> I get that, but I think we differ on the issue of "present." If there is
> a _working_ SHA-256 DS I agree with you completely.

If there is a working SHA-256 DS there is no issue. The question is what
the resolver should do if it gets a DNSKEY that matches a SHA-1 DS but
doesn't match any SHA-256 DS. It has no way to distinguish a mistake in
the SHA-256 DS data in the original zone from a downgrade attack.

-- 
Matt
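The situation Matt describes, as an added worked example that is not part of this thread or of any resolver's code: a DNSKEY is checked against a DS RRset under two validator policies, "accept any matching DS" and the RFC 4509 section 3 rule (ignore SHA-1 DS records when SHA-256 DS records are present). DS digests are computed as in RFC 4034 section 5.1.4 (owner name in wire form followed by the DNSKEY RDATA) and key tags as in RFC 4034 Appendix B. The owner name, the key bytes and the mismatching SHA-256 DS are constructed for the example; the mismatch stands in for either an operator error in the parent's SHA-256 DS or a SHA-1-only match, which, as the message notes, the resolver cannot tell apart.

```python
import hashlib
import struct

# Digest types from the DS registry: 1 = SHA-1, 2 = SHA-256.
DIGEST_ALGS = {1: hashlib.sha1, 2: hashlib.sha256}


def name_to_wire(name: str) -> bytes:
    """Canonical wire form of an owner name: lowercase, length-prefixed labels, root label."""
    wire = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            wire += bytes([len(label)]) + label.encode("ascii")
    return wire + b"\x00"


def dnskey_rdata(flags: int, protocol: int, algorithm: int, public_key: bytes) -> bytes:
    """DNSKEY RDATA: flags (2), protocol (1), algorithm (1), public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key


def key_tag(rdata: bytes) -> int:
    """RFC 4034 Appendix B key tag (valid for every algorithm except RSA/MD5)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i % 2 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def ds_digest(owner: str, rdata: bytes, digest_type: int) -> bytes:
    """RFC 4034 5.1.4: digest(owner name wire form || DNSKEY RDATA)."""
    return DIGEST_ALGS[digest_type](name_to_wire(owner) + rdata).digest()


def make_ds(owner: str, rdata: bytes, digest_type: int) -> dict:
    """Build a DS record (key tag, algorithm, digest type, digest) for a DNSKEY."""
    return {"key_tag": key_tag(rdata), "algorithm": rdata[3],
            "digest_type": digest_type, "digest": ds_digest(owner, rdata, digest_type)}


def matching_ds(owner: str, rdata: bytes, ds_rrset: list) -> list:
    """DS records in ds_rrset whose key tag, algorithm and digest all match this DNSKEY."""
    tag, alg = key_tag(rdata), rdata[3]
    return [ds for ds in ds_rrset
            if ds["key_tag"] == tag and ds["algorithm"] == alg
            and ds["digest_type"] in DIGEST_ALGS
            and ds_digest(owner, rdata, ds["digest_type"]) == ds["digest"]]


def validates_any(owner: str, rdata: bytes, ds_rrset: list) -> bool:
    """Lenient policy: any matching DS of a supported digest type authenticates the key."""
    return bool(matching_ds(owner, rdata, ds_rrset))


def validates_rfc4509(owner: str, rdata: bytes, ds_rrset: list) -> bool:
    """RFC 4509 section 3: SHA-1 DS records are ignored when SHA-256 DS records are present."""
    usable = ds_rrset
    if any(ds["digest_type"] == 2 for ds in ds_rrset):
        usable = [ds for ds in ds_rrset if ds["digest_type"] != 1]
    return bool(matching_ds(owner, rdata, usable))


# Constructed inputs: an owner name and a KSK-flagged (257) algorithm 8 key with dummy key bytes.
OWNER = "example."
KEY = dnskey_rdata(257, 3, 8, bytes(range(1, 65)))

# Case 1: parent publishes SHA-1 and SHA-256 DS records that both match the key.
DS_GOOD = [make_ds(OWNER, KEY, 1), make_ds(OWNER, KEY, 2)]

# Case 2: the SHA-1 DS matches, the SHA-256 DS has the same key tag and algorithm
# but a digest that does not match (constructed by flipping one byte).
_bad = make_ds(OWNER, KEY, 2)
_bad["digest"] = bytes([_bad["digest"][0] ^ 0xFF]) + _bad["digest"][1:]
DS_MISMATCH = [make_ds(OWNER, KEY, 1), _bad]


def scenario() -> dict:
    """Outcome of each policy for both DS RRsets."""
    return {
        "good_any": validates_any(OWNER, KEY, DS_GOOD),
        "good_rfc4509": validates_rfc4509(OWNER, KEY, DS_GOOD),
        "mismatch_any": validates_any(OWNER, KEY, DS_MISMATCH),
        "mismatch_rfc4509": validates_rfc4509(OWNER, KEY, DS_MISMATCH),
    }


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {'secure' if ok else 'bogus'}")
```

With both DS records correct, the two policies agree. With a SHA-1 match and a SHA-256 mismatch, the lenient policy returns secure and the RFC 4509 policy returns bogus; the code has no third outcome available because, exactly as the message says, nothing in the data distinguishes a broken SHA-256 DS from a key that only matches the weaker digest.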