Re: [DNSOP] Updated NSEC5 protocol spec and paper

"Ralf Weber" <> Sat, 11 March 2017 09:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 40BEE129405 for <>; Sat, 11 Mar 2017 01:21:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id RfBXUR0bQSFz for <>; Sat, 11 Mar 2017 01:21:49 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 6F8F8128B44 for <>; Sat, 11 Mar 2017 01:21:49 -0800 (PST)
Received: by (Postfix, from userid 107) id 17B7F5F4082E; Sat, 11 Mar 2017 10:21:48 +0100 (CET)
Received: from [] ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 146B85F40647; Sat, 11 Mar 2017 10:21:47 +0100 (CET)
From: Ralf Weber <>
To: Shumon Huque <>
Date: Sat, 11 Mar 2017 10:21:46 +0100
Message-ID: <>
In-Reply-To: <>
References: <> <> <A05B583C828C614EBAD1DA920D92866BD06F4468@PODCWMBXEX501.ctl.intranet> <> <> <>
MIME-Version: 1.0
X-Mailer: MailMate (1.9.6r5347)
Archived-At: <>
Cc: " WG" <>
Subject: Re: [DNSOP] Updated NSEC5 protocol spec and paper
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 11 Mar 2017 09:21:50 -0000


On 10 Mar 2017, at 19:15, Shumon Huque wrote:

> I would like to see us deploy an authenticated denial of existence
> mechanism that is not eminently susceptible to offline dictionary
> attack. My experience so far is that most people in the crypto
> community do not look favorably on NSEC3. Not just Dan Bernstein,
> whose strong criticisms are well known (and correct in my opinion).
> IETF protocols should pass muster with the professional cryptographer
> community.
As others have said there is more than one way to get the zone content
without doing a dictionary attack on the authoritative server (passive
DNS, browser bars, pretty much everything that collects names). So even
if you have a technical solid solution that you can't get it from the
authoritative servers it still will be possible to do it. So you don't
solve a real world problem.

NSEC3 was done to solve two problems (easy zone enumeration, opt out)
for large providers of DNS services (ccTLDs, Verisign). All of these
providers now have DNSSEC, so what is the point on introducing
something that will cause more disruption and maybe slow down adaption
of DNSSEC further?

IMHO there are other things we should work on like getting more
people to validate and rolling to ecliptic curve algorithms.

So long