[DNSOP] Re: [Ext] Re: Working Group Last Call for draft-ietf-dnsop-rfc7958bis

Paul Hoffman <paul.hoffman@icann.org> Mon, 08 July 2024 18:09 UTC

Return-Path: <paul.hoffman@icann.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3E7DC1F45C9 for <dnsop@ietfa.amsl.com>; Mon, 8 Jul 2024 11:09:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.208
X-Spam-Level:
X-Spam-Status: No, score=-4.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OUEz462I5DsT for <dnsop@ietfa.amsl.com>; Mon, 8 Jul 2024 11:09:08 -0700 (PDT)
Received: from ppa4.dc.icann.org (ppa4.dc.icann.org [192.0.46.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C7D5C1E047F for <dnsop@ietf.org>; Mon, 8 Jul 2024 11:09:00 -0700 (PDT)
Received: from MBX112-W2-CO-2.pexch112.icann.org (out.mail.icann.org [64.78.33.6]) by ppa4.dc.icann.org (8.18.1.2/8.18.1.2) with ESMTPS id 468I2mXs020796 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 8 Jul 2024 11:02:49 -0700
Received: from MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) by MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.34; Mon, 8 Jul 2024 11:08:48 -0700
Received: from MBX112-W2-CO-1.pexch112.icann.org ([169.254.44.235]) by MBX112-W2-CO-1.pexch112.icann.org ([169.254.44.235]) with mapi id 15.02.1258.034; Mon, 8 Jul 2024 11:08:48 -0700
From: Paul Hoffman <paul.hoffman@icann.org>
To: Peter Thomassen <peter@desec.io>
Thread-Topic: [Ext] [DNSOP] Re: Working Group Last Call for draft-ietf-dnsop-rfc7958bis
Thread-Index: AQHay+H+PHJdJ7/7u0SDW1yqFbDBGrHtoVcA
Date: Mon, 08 Jul 2024 18:08:48 +0000
Message-ID: <81CE86B9-8237-47B1-8762-DF147660E139@icann.org>
References: <CADyWQ+EGh2N8tssBRskH=PVXV1e1eON4z=8E1JWPypNUyZVwLg@mail.gmail.com> <7c3c263e-7b41-4258-9620-82c44f59eb62@desec.io>
In-Reply-To: <7c3c263e-7b41-4258-9620-82c44f59eb62@desec.io>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.0.32.234]
x-source-routing-agent: True
Content-Type: text/plain; charset="us-ascii"
Content-ID: <7AA9F369D2054E4BB990EA437D24023E@pexch112.icann.org>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-08_09,2024-07-05_01,2024-05-17_01
Message-ID-Hash: 5AI2WHNMDYINMW5KUFBVOZ6SU76SKVA5
X-Message-ID-Hash: 5AI2WHNMDYINMW5KUFBVOZ6SU76SKVA5
X-MailFrom: paul.hoffman@icann.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnsop <dnsop@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [DNSOP] Re: [Ext] Re: Working Group Last Call for draft-ietf-dnsop-rfc7958bis
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/69QWoYA9Oo_ldGyVw--IWwFUY1o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>

Thanks for the comments. Some are addressed in the revised draft coming out shortly. I have noted below only the ones that are not.

--Paul Hoffman


> On Jul 1, 2024, at 11:08, Peter Thomassen <peter@desec.io> wrote:
> Section 2.2
> -----------
> 
> OLD
>   The Zone element in the TrustAnchor element states to which DNS zone
>   this container applies.  The root zone is indicated by a single
>   period (.) character without any quotation marks.
> 
> This is underspecified w.r.t. to format, for labels containing dots.
> 
> But, the whole document is about the root (it's even in the title), and I wonder why the Zone element is there in the first place.
> 
> Instead of fixing the Zone element format, why not just drop the whole Zone element?

The zone element is there in case someone other than the root operator wants to use the format. Dropping it might cause some current users of the format to fail, so we are leaving it in.

> OLD
>   The id attribute in the KeyDigest element is an opaque string that
>   identifies the hash.
> 
> Is the id attribute expected to be unique within the XML file?
> 
> If so, does this also apply if the same digest is re-published with an added validUntil attribute, or even published twice with different validity ranges?
> 
> Also, if two digests (of different hash type) are published for the same key, do those KeyDigests share an id?
> 
> This aspect uncovers a structural issue, because the public key is not really an attribute of the key digest; rather, they are in a 1:n relationship.
> 
> I am wondering if it would be better to move the PublicKey element out of the KeyDigest element, by allowing any number of them to be direct children of TrustAnchor, with the relevant key identified by its keytag and/or validFrom attribute. This would require the schema to be updated as follows:
> 
> start = element TrustAnchor {
>    attribute id { xsd:string },
>    attribute source { xsd:string },
>    element Zone { xsd:string },
> 
>    keydigest+
>    publickey*
> }
> 
> keydigest = element KeyDigest ...
> 
> publickey = element PublicKey {
>    attribute id { xsd:string },
>    attribute keytag { xsd:nonNegativeInteger { maxInclusive = "65535" } },  // or validFrom
>    xsd:base64Binary
> }
> 
> The uniqueness concern is simplest addressed by adding "uniquely within the XML file" or something.
> 
> Howeve, it's surprising then that two digests that relate to the same key have different IDs, and I think the structural change would be cleaner. (This would then require no two keys to be published for the root with the same keytag and/or validFrom).


The spec says it is "an opaque string". Your proposal is to extend that and make it unique. This could cause a serious problem in the future if IANA does not change the id string for some reason. We are leaving it as just opaque.

> Section 2.5
> -----------
> 
> For the still-valid key, even if it's just an example example, I suggest not to use any signing and digest algorithm that are no longer fully recommended by RFC 8624. (This applies to both algorithm 5 and digest type 1.)

Using type 1 means that the example will not wrap around in the text version of the eventual RFC (it will be fine in the HTML version). If people feel strongly about this, we can indeed update this later.

> Section 3.2
> -----------
> 
> Like John, I'm not sure about the CMS mechanism, but I don't feel strongly. Perhaps some more about bootstrapping that trust could be said, or declared out of scope? At least a link to something that talks about that CA would be useful.
> 
> OLD
>   If a system
>   retrieving the trust anchors trusts the CA that IANA uses for the
>   "data.iana.org" web server, HTTPS SHOULD be used instead of HTTP in
>   order to have assurance of data origin.
> 
> Does this really mean that if I don't trust the CA, then I should be using HTTP?

Yes.

> How does that make things any better?

It does not, but the text doesn't indicate that it makes anything better.