Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-security-considerations-08.txt
Michael StJohns <msj@nthpermutation.com> Sun, 03 December 2017 23:18 UTC
Return-Path: <msj@nthpermutation.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8107E1250B8 for <dnsop@ietfa.amsl.com>; Sun, 3 Dec 2017 15:18:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vDNbPAO3wVh7 for <dnsop@ietfa.amsl.com>; Sun, 3 Dec 2017 15:18:22 -0800 (PST)
Received: from mail-qk0-x230.google.com (mail-qk0-x230.google.com [IPv6:2607:f8b0:400d:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 954761200F1 for <dnsop@ietf.org>; Sun, 3 Dec 2017 15:18:22 -0800 (PST)
Received: by mail-qk0-x230.google.com with SMTP id b123so19378442qkg.7 for <dnsop@ietf.org>; Sun, 03 Dec 2017 15:18:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=YzyqWDy8yzlcC4Vy5H74ZGDTBcGBosy+LJns2vS3a1s=; b=XlMOo9yJjtoi3QSZO5CECtvAqcmyjxmDRClIp/4LzAgpd0AJpziPx/lOWxYNzz0SN5 1vPRZ7jh7blVdfFeBOEL3o7/DIGuWiLQoVf4JE0c2CaK4CRua3Y1Hb1EOSm6TNy3fJ/X +G67pLu1BvsYOhJis2BRIHHVAsytJ1ic/GSpLGX+hGhGezqEePCO5uJG11D357GexXAV 1tKgVkSl4aWogqjOfYcyGdPV8wQMyHhs56BgFyBq7YKMqeY0HdQN8s9NbhWt9YGTUKgM HIdTvN8Qa7Hq2ss2hCHZ88Yl+/gcLy7B8B/P0FW2aIylzuNNDCtLVriCHnsJjqq5Mb/W 7FNA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=YzyqWDy8yzlcC4Vy5H74ZGDTBcGBosy+LJns2vS3a1s=; b=lwQ/Ia4yv0/t/nNBEVaPuvr1hsfBRk04aCSltLSMb/1hUk8O2A6PgdNQdT30Gn05SB AmvypccFtCjRM5KeczdqIoRqkLLQBkO23eYkRU4u8GJ/ENA7veAOtDQSbYSEdMJEM12u 8yhNWnzp+hV7Oss6yjqTuALf58sxyCfN6D23JNNUXxO0UH0khFiv9RpyEMNQsIiyacKT yZ6HgizmwjYVOZz7izuxCTR2vbmypSydC3SV/kCcP5Tl5xOEv4fC467+1iMk3lpkpoCQ N9anu9HntV7KsWZPcS5mNWdOtvb4Hgxxp94/HZQxUFBFajG78raIWIh3hHo92T4Bvkfw GCoQ==
X-Gm-Message-State: AKGB3mI/mwz96e3Y+3V+91IlMSES8USLlv6mM95p6h0AHGLliW80rKcG CH7AmO3RyGjycv9Gd3gXoUaiDYLq
X-Google-Smtp-Source: AGs4zMb4zmvV1dvah3dmKMGIR/RF5maX5zh6moHXi0FwYr2WAnkWmBhdrRFANeGLz10N2UOBmXanbg==
X-Received: by 10.55.162.130 with SMTP id l124mr1965786qke.168.1512343101165; Sun, 03 Dec 2017 15:18:21 -0800 (PST)
Received: from ?IPv6:2601:152:4400:720f::1014? ([2601:152:4400:720f::1014]) by smtp.gmail.com with ESMTPSA id k34sm8503619qtk.5.2017.12.03.15.18.19 for <dnsop@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 03 Dec 2017 15:18:19 -0800 (PST)
To: dnsop@ietf.org
References: <151199364931.4845.3034001091375154653@ietfa.amsl.com> <yblvahshg6z.fsf@wu.hardakers.net>
From: Michael StJohns <msj@nthpermutation.com>
Message-ID: <9c71768d-4807-3d0a-b4b1-0ac8d066fe9f@nthpermutation.com>
Date: Sun, 03 Dec 2017 18:18:18 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <yblvahshg6z.fsf@wu.hardakers.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/4_-11ziKVstRrGRuwhSIk9pOi9s>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-security-considerations-08.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Dec 2017 23:18:24 -0000
On 11/29/2017 5:29 PM, Wes Hardaker wrote: > internet-drafts@ietf.org writes: > >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. This draft is a work item of the Domain Name System >> Operations WG of the IETF. > FYI, this contains the restructuring talked about during IETF100/dnsop > as well the new safetyMargin concepts proposed by MSJ. I haven't done a > complete double check on all my restructuring yet, so for the chairs > especially: there will likely be a -09 very soon ready for second WGLC, > but not this one. Hi - Much improved - but still some disconnects (all review is de novo): In Abstract - insert "by the publisher" after "must be followed" - this is clear later, but should be clear in the abstract. in Section 2 - first para - "from the DNSKEY publication and revocation's point of view" is unusual phrasing. I'm not sure how a publication or revocation has a point of view. I think you meant from the trust anchor publisher or SEP DNSKEY publisher's point of view? in 3 - lastSigExpirationTime - replace the first sentence with "The latest value (i.e. the future most date and time) of any RRSig Signature Expiration field covering any DNSKEY RRSet containing only the old trust anchor(s) that are being superseded." - This may still need wordsmithing or expansion. in 3 - sigExpirationTimeRemaining - two items: "latestSigExpirationTime" -> lastSigExpirationTime. and measured from when? I think its "when the addWaitTime calculation is run" or "lastSigExpirationTime - now" in 5.1.1 T+10 - replace "they have now expired" with "the signatures have now expired" - clarify context. Delete 6.1.4 - activeRefreshOffset - its a nonsensical value that is only valid from the resolver's point of view. For a given publisher/authoritative server - there will be as many activeRefreshOffsets as there are resolvers so the publisher must assume the worst case of activeRefresh. In 6.2.1 - replace activeRefreshOffset with activeRefresh - worst case value. fix 6.2.1.1 delete the term for addHoldDownTime % activeRefresh - the "2 * activeRefresh" in the previous term covers both the activeRefresh interval at the beginning of the acceptance period and the activeRefresh interval at the end. In 6.2.2 - same changes as for 6.2.1 and 6.2.1.1 (e.g. get rid of activeRefreshOffset throughout). v activeRefresh v addHoldDownTime v activeRefresh v safetyMargin v |-----------------------|-------------------------------------|-------------------------------------|--------------------------|----------------| lastSigExpirationTime^^^ acceptanceStarts ^^^ acceptance begins to complete^^ earliestSafe^^^ After the second activeRefresh interval all of the well behaved and well connected resolvers should have the new trust anchor. The safetyMargin adds some space for poorly behaving or intermittently connected resolvers or those with some drops in queries. Section 6.3 has one too many activeRefresh terms in both formulas - here are the corrected ones: remWaitTime = sigExpirationTimeRemaining + activeRefresh + safetyFactor remWallClockTime = lastSigExpirationTime + activeRefresh + safetyFactor Basically, assuming no attacker, and no drops, all well-behaved resolvers will see the revocation after one activeRefresh interval from the time of publication. Add the safety factor to take care of the slackers. This is a fine value for normal revocations where you're pretty sure that the key hasn't been compromised. There is no hold-time timer for revocation - they take effect immediately upon receipt and validation. In the case of a key compromise, I would suggest that the revoked key be published for the same interval as you would use for adding a new trust anchor. (But of course, this won't actually matter all that much if you only have a single trust anchor....) Appendix A - fix the calculations to match up with the section 6 formulas. Later, Mike
- [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-secu… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Paul Vixie
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Michael StJohns
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-rfc5011-… Wes Hardaker