[DNSOP] Re: Working Group Last Call for draft-ietf-dnsop-rfc7958bis
Peter Thomassen <peter@desec.io> Mon, 01 July 2024 18:08 UTC
Return-Path: <peter@desec.io>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70712C151066; Mon, 1 Jul 2024 11:08:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=desec.io
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YSch9OBujLRs; Mon, 1 Jul 2024 11:08:05 -0700 (PDT)
Received: from mail.a4a.de (mail.a4a.de [IPv6:2a01:4f8:10a:1d5c:8000::8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8821DC14F713; Mon, 1 Jul 2024 11:08:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=desec.io; s=20170825; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From: References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=yA/d8nNcWvtV+laxY7QPE93D68/ataLx40KnOCwdS/E=; b=erUEamFZAI11eOWbB1kTMVYmYK lXV67i/lAZ4hqiUcPVQ4MgSdpGqGSvR7MYmpddEygR9PDCMNa34WF+3RJ+yyQYjhMNly5c4Q0OqAR 9Yv2jCJEr0NA4R+N0blca/MnQLHONClv32I51betDeLYW5yHlKcmd5V9c4RO2H5WIKcx2KOLfKV1v gLpOLhObcyOaknqOk+qwDLZIbwO85N3Cok1wwd4LZL5z7+UEGtwn10V+v+c9lk0B36N2bcY9/hwz2 Lj1OIGXy7WYrxjB2oVeZvOCPTrVegGVFUUlmiUQ3zt8F1gtRQG7MblRLyvGabTTfM7P2jI9yXz+g9 H9QXAGyQ==;
Received: from [90.187.67.221] (helo=[192.168.55.171]) by mail.a4a.de with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from <peter@desec.io>) id 1sOLRb-004S2Q-0g; Mon, 01 Jul 2024 20:08:03 +0200
Message-ID: <7c3c263e-7b41-4258-9620-82c44f59eb62@desec.io>
Date: Mon, 01 Jul 2024 20:08:02 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
References: <CADyWQ+EGh2N8tssBRskH=PVXV1e1eON4z=8E1JWPypNUyZVwLg@mail.gmail.com>
Content-Language: en-US
From: Peter Thomassen <peter@desec.io>
In-Reply-To: <CADyWQ+EGh2N8tssBRskH=PVXV1e1eON4z=8E1JWPypNUyZVwLg@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: FP32XY5HPKZGQMC3MUOVQJEC3APCJBJQ
X-Message-ID-Hash: FP32XY5HPKZGQMC3MUOVQJEC3APCJBJQ
X-MailFrom: peter@desec.io
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnsop-chairs <dnsop-chairs@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [DNSOP] Re: Working Group Last Call for draft-ietf-dnsop-rfc7958bis
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/7PjHmQK1wAMH7vGAOQm-SIP3RJU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
Hi all, Nice document. Some comments/nits: Section 2.2 ----------- OLD The Zone element in the TrustAnchor element states to which DNS zone this container applies. The root zone is indicated by a single period (.) character without any quotation marks. This is underspecified w.r.t. to format, for labels containing dots. But, the whole document is about the root (it's even in the title), and I wonder why the Zone element is there in the first place. Instead of fixing the Zone element format, why not just drop the whole Zone element? OLD The TrustAnchor element contains one or more KeyDigest elements. Each KeyDigest element represents the digest of a DNSKEY record in the zone defined in the Zone element. This appears to imply that a digest appearing here is always of a DNSKEY record that is present in the root zone. This does not seem to necessarily apply to retired keys. Also, on page 24 of the recent Root Zone Algorithm Rollover Study [1], it is noted that > The design team expects that IANA will follow a similar process for an algorithm rollover; that is, > to prepublish the new key as a trust anchor on the IANA website before publishing the DNSKEY > in the DNS This also seems to be at odds with the above quote from the draft. So, how about the following: NEW The TrustAnchor element contains one or more KeyDigest elements. Each KeyDigest element represents the digest of a past, current, or potentially future DNSKEY record ofthe zone defined in the Zone element. [1]: https://www.icann.org/en/system/files/files/root-zone-algorithm-rollover-study-23may24-en.pdf OLD The id attribute in the KeyDigest element is an opaque string that identifies the hash. Is the id attribute expected to be unique within the XML file? If so, does this also apply if the same digest is re-published with an added validUntil attribute, or even published twice with different validity ranges? Also, if two digests (of different hash type) are published for the same key, do those KeyDigests share an id? This aspect uncovers a structural issue, because the public key is not really an attribute of the key digest; rather, they are in a 1:n relationship. I am wondering if it would be better to move the PublicKey element out of the KeyDigest element, by allowing any number of them to be direct children of TrustAnchor, with the relevant key identified by its keytag and/or validFrom attribute. This would require the schema to be updated as follows: start = element TrustAnchor { attribute id { xsd:string }, attribute source { xsd:string }, element Zone { xsd:string }, keydigest+ publickey* } keydigest = element KeyDigest ... publickey = element PublicKey { attribute id { xsd:string }, attribute keytag { xsd:nonNegativeInteger { maxInclusive = "65535" } }, // or validFrom xsd:base64Binary } The uniqueness concern is simplest addressed by adding "uniquely within the XML file" or something. Howeve, it's surprising then that two digests that relate to the same key have different IDs, and I think the structural change would be cleaner. (This would then require no two keys to be published for the root with the same keytag and/or validFrom). OLD If the relying party is using a trust anchor that has a KeyDigest element that does not have a validUntil attribute, it can change to a trust anchor with a KeyDigest element that does have a validUntil attribute, as long as that trust anchor's validUntil attribute is in the future and the DNSKEY elements of the KeyDigest are the same as the previous trust anchor. I agree with James' comments on this one. Specifically, I don't know what "DNSKEY element" means here. Mostly, I stumbled over "it can change". Who changes it? - IANA, as explained in Section 5? Then, why is the sentence qualified with "If the relying party is using ..."? - Or is the relying party making some change? In that case, the restriction ("as long as ...") conflicts with Section 3.2, which says: "A validator operator can choose whether or not to accept the trust anchors described in this document using whatever policy they want." Section 2.5 ----------- OLD <!-- Note that these trust anchors are fictitious. --> I like that the comments have made it into examples! I believe this was also a suggestion that came up while developing [1]. For the still-valid key, even if it's just an example example, I suggest not to use any signing and digest algorithm that are no longer fully recommended by RFC 8624. (This applies to both algorithm 5 and digest type 1.) Section 3.2 ----------- Like John, I'm not sure about the CMS mechanism, but I don't feel strongly. Perhaps some more about bootstrapping that trust could be said, or declared out of scope? At least a link to something that talks about that CA would be useful. OLD If a system retrieving the trust anchors trusts the CA that IANA uses for the "data.iana.org" web server, HTTPS SHOULD be used instead of HTTP in order to have assurance of data origin. Does this really mean that if I don't trust the CA, then I should be using HTTP? How does that make things any better? Section 4 --------- "IANA- issued" --> "IANA-issued" Thanks, Peter On 6/19/24 18:32, Tim Wicinski wrote: > > All > > The authors have updated the document based on some early reviews. Since this is an update from the original RFC7958, I urge folks to take a look at the diff from the original: > > > https://author-tools.ietf.org/iddiff?url1=rfc7958&url2=draft-ietf-dnsop-rfc7958bis-02&difftype=--html <https://author-tools.ietf.org/iddiff?url1=rfc7958&url2=draft-ietf-dnsop-rfc7958bis-02&difftype=--html> > > > > This starts a Working Group Last Call for: draft-ietf-dnsop-rfc7958bis > "DNSSEC Trust Anchor Publication for the Root Zone" > > Current versions of the draft is available here: > https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7958bis/ <https://datatracker.ietf.org/doc/draft-ietf-dnsop-rfc7958bis/> > > The Current Intended Status of this document is: Informational > > Benno will be the document shepherd > > Please review the draft and offer relevant comments. > > For WGLC, we need positive support and constructive comments; lack of objection is not enough. > So if you think this draft should be published as an RFC, please say so. > > If you feel the document is *not* ready for publication, please speak out with your reasons. > > > This starts a two week Working Group Last Call process, and ends on: July 3rd, 2024 > > thanks > > > tim > > _______________________________________________ > DNSOP mailing list -- dnsop@ietf.org > To unsubscribe send an email to dnsop-leave@ietf.org -- Like our community service? 💛 Please consider donating at https://desec.io/ deSEC e.V. Kyffhäuserstr. 5 10781 Berlin Germany Vorstandsvorsitz: Nils Wisiol Registergericht: AG Berlin (Charlottenburg) VR 37525
- [DNSOP] Working Group Last Call for draft-ietf-dn… Tim Wicinski
- [DNSOP] Re: [Ext] Working Group Last Call for dra… James Mitchell
- [DNSOP] Re: Working Group Last Call for draft-iet… Tim Wicinski
- [DNSOP] Re: [Ext] Working Group Last Call for dra… Paul Hoffman
- [DNSOP] Re: Working Group Last Call for draft-iet… John R Levine
- [DNSOP] Re: Working Group Last Call for draft-iet… Florian Obser
- [DNSOP] Re: Working Group Last Call for draft-iet… Peter Thomassen
- [DNSOP] Re: Working Group Last Call for draft-iet… Ben Schwartz
- [DNSOP] Re: [Ext] Re: Working Group Last Call for… Paul Hoffman
- [DNSOP] Re: [Ext] Working Group Last Call for dra… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Working Group Last Call for… Paul Hoffman
- [DNSOP] Re: Working Group Last Call for draft-iet… Tim Wicinski
- [DNSOP] Re: [Ext] Re: Working Group Last Call for… Peter Thomassen
- [DNSOP] Re: [Ext] Re: Working Group Last Call for… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Working Group Last Call for… Paul Hoffman