IETF Logo Mail Archive

Re: AS IF: draft-ietf-dnsext-ad-is-secure-03.txt

Greg Hudson <ghudson@MIT.EDU> Sun, 29 July 2001 05:52 UTC

Received: from psg.com (exim@psg.com [147.28.0.62]) by ietf.org (8.9.1a/8.9.1a) with SMTP id BAA13847 for <dnsext-archive@lists.ietf.org>; Sun, 29 Jul 2001 01:52:16 -0400 (EDT)
Received: from lserv by psg.com with local (Exim 3.31 #1) id 15QaCz-000JXZ-00 for namedroppers-data@psg.com; Sat, 28 Jul 2001 12:57:09 -0700
Received: from rip.psg.com ([147.28.0.39] ident=exim) by psg.com with esmtp (Exim 3.31 #1) id 15QaCy-000JXS-00 for namedroppers@ops.ietf.org; Sat, 28 Jul 2001 12:57:08 -0700
Received: from randy by rip.psg.com with local (Exim 3.31 #1) id 15QaCy-0004VX-00 for namedroppers@ops.ietf.org; Sat, 28 Jul 2001 12:57:08 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
From: Greg Hudson <ghudson@MIT.EDU>
To: John Gilmore <gnu@toad.com>
cc: DNSEXT <namedroppers@ops.ietf.org>
Subject: Re: AS IF: draft-ietf-dnsext-ad-is-secure-03.txt
In-Reply-To: Your message of "Sat, 28 Jul 2001 12:35:22 PDT." <E15QZru-000Iv6-00@psg.com>
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
Message-Id: <E15QaCz-000JXZ-00@psg.com>
Date: Sat, 28 Jul 2001 12:57:09 -0700
Content-Transfer-Encoding: 7bit

(Risks dropped from the cc line.)

> Any client implementation that listens to a single bit of the
> response to tell it whether the response is cryptographically valid
> must be considered noncompliant with the DNSSEC spec.  It's just an
> old fashioned insecure DNS client.  There's nothing wrong with that,
> as long as you don't have any high trust expecations for it.

I think you're overreacting.  What we're looking for is a way to deal
with situations like this: in Unix, the libc resolver is generally
pretty lightweight.  It will only do one query; if you ask for
something which turns out to be a CNAME, it expects the recursive name
server to supply the pointed-to record.  If you want your machine to
do full recursive resolution, you run a local named (or dnscache, or
whatever) and point your stub resolver at that.

Pursuant to that architecture, the stub resolver probably doesn't want
to be validating DNS signatures, especially if it would have to go out
and fetch SIG records up to the root.  We have several lightweight
mechanisms for securing the path from the stub resolver to the
recursive resolver: putting it on the machine, TSIG, and (blech)
firewalls plus the presumption of no internal attackers.

I have yet to understand why anyone wants to set the AD bit on
unchecked data.  Sure, an authoritative server shouldn't have to do
cryptography, but it also shouldn't ever need to set the AD bit unless
it's also acting as a recursive resolver for clients.  In which case
it had better be prepared to do cryptography if it wants to set AD
bits.

> PS: I know, I know, the "valid" bit will be secured by some "out of
> band" means.  Like a shared static key, and/or by the security of
> the file system on the server.  Right.  For extra credit: composing
> several weak security primitives produces what?  Strong security or
> weak security?

In the scenario I described with the cache on the same machine as the
stub resolver, where is the weak security primitive?


to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.

v2.39.1 | Report a Bug | By Email | System Status