IETF Logo Mail Archive

Re: [DNSOP] rfc4641bis: NSEC vs NSEC3.

Mark Andrews <marka@isc.org> Tue, 23 February 2010 00:08 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5865F28C4BA for <dnsop@core3.amsl.com>; Mon, 22 Feb 2010 16:08:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.615
X-Spam-Level:
X-Spam-Status: No, score=-4.615 tagged_above=-999 required=5 tests=[AWL=1.984, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id acm5ns--Z2Fh for <dnsop@core3.amsl.com>; Mon, 22 Feb 2010 16:08:28 -0800 (PST)
Received: from farside.isc.org (farside.isc.org [204.152.187.5]) by core3.amsl.com (Postfix) with ESMTP id 8F75A28C47F for <dnsop@ietf.org>; Mon, 22 Feb 2010 16:08:28 -0800 (PST)
Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "drugs.dv.isc.org", Issuer "ISC CA" (not verified)) by farside.isc.org (Postfix) with ESMTP id A1AACE60B3; Tue, 23 Feb 2010 00:06:53 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.3/8.14.3) with ESMTP id o1N06oxE067928; Tue, 23 Feb 2010 11:06:50 +1100 (EST) (envelope-from marka@drugs.dv.isc.org)
Message-Id: <201002230006.o1N06oxE067928@drugs.dv.isc.org>
To: Roy Arends <roy@dnss.ec>
From: Mark Andrews <marka@isc.org>
References: <20100220202751.GB54720@shinkuro.com> <20100220213133.GE2477@isc.org> <4B807DC0.9050807@ogud.com> <315AD36E-879A-4512-A6A8-B64372E3D3CF@sinodun.com> <201002220022.o1M0M3qR048760@drugs.dv.isc.org> <A8EB3AAE-0DA6-4C4E-B2D1-E548884F63D5@dnss.ec> <4B8251E9.70904@nlnetlabs.nl> <699B9362-B927-4148-B79E-2AEB6D713BE8@dnss.ec> <4B82897F.7080000@nlnetlabs.nl> <9C97F5BFBD540A6242622CC7@Ximines.local> <20100222161251.GA99592@isc.org> <FD83B7A9-583C-4E6C-9301-414D043DBB08@dnss.ec>
In-reply-to: Your message of "Mon, 22 Feb 2010 11:52:07 CDT." <FD83B7A9-583C-4E6C-9301-414D043DBB08@dnss.ec>
Date: Tue, 23 Feb 2010 11:06:50 +1100
Sender: marka@isc.org
Cc: Evan Hunt <each@isc.org>, dnsop@ietf.org, Alex Bligh <alex@alex.org.uk>, "W.C.A. Wijngaards" <wouter@NLnetLabs.nl>
Subject: Re: [DNSOP] rfc4641bis: NSEC vs NSEC3.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2010 00:08:29 -0000

In message <FD83B7A9-583C-4E6C-9301-414D043DBB08@dnss.ec>, Roy Arends writes:
> On Feb 22, 2010, at 11:12 AM, Evan Hunt wrote:
> 
> >> Using NSEC instead of NSEC3 because you fear SHA1 collisions does not
> >> seem sensible, as if you fear SHA1 collisions, you have other more
> >> significant problems with DNSSEC to worry about, and thus this is
> >> not, in my opinion, reasonable. And it isn't sensible to suggest
> >> users worry about it. If we are going to mention it, it should be
> >> in security considerations, saying NSEC3 is dependent upon certain
> >> properties of its hash algorithm (I forget now whether it is
> >> collision resistance, pre-image resistance or or what), but this
> >> should also point out the whole of DNSSEC is predicated on similar
> >> qualities.
> > 
> > +1 except for the "if".  It is mathematically possible for collisions to
> > occur with one approach and not the other, and it would be irresponsible
> > not to make note of the fact, even if we agree that the chances of this
> > occurring in nature are negligible.
> 
> This is absurd. If we're going to do this, I'd like the security consideratio
> ns to reflect all of the non-zero probabilities of errors occuring (those tha
> t have a higher probability). This includes software-bugs, hardware-bugs, pro
> bability of advances in factorization, randomness of PRNG for DNSKEYs, faulty
>  calibration/low granularity of equipment measuring the transition between th
> e two hyperfine levels of the ground state of the caesium 133 atom. Gravitati
> onal Sphere of Influence of the 99942 Apophis on the Gravitational orbit of G
> PS satelites (Still having a higher probability than hash-collisions ;-)), Dr
> unk Sysadmins, Rouge Registrar, etc, etc.
> 
> I'm sure that it will be a very large section.

Apart from the slightly higher risk of software bugs because NSEC3
is more complicated.  The other items have no impact of the decision
to choose between NSEC and NSEC3 and as such are irrelevent.

> Roy
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org

v2.23.0 | Report a Bug | By Email