Re: [DNSOP] Comments regarding the NSEC5
Florian Weimer <fweimer@redhat.com> Wed, 11 March 2015 16:30 UTC
Return-Path: <fweimer@redhat.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F3F21ACE35 for <dnsop@ietfa.amsl.com>; Wed, 11 Mar 2015 09:30:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.012
X-Spam-Level:
X-Spam-Status: No, score=-6.012 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_71=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7EaA37DMSlhe for <dnsop@ietfa.amsl.com>; Wed, 11 Mar 2015 09:30:23 -0700 (PDT)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D5D71ACDEC for <dnsop@ietf.org>; Wed, 11 Mar 2015 09:30:23 -0700 (PDT)
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id t2BGUMZe012844 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 11 Mar 2015 12:30:22 -0400
Received: from oldenburg.str.redhat.com ([10.10.116.39]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t2BGUJm2026226 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 11 Mar 2015 12:30:21 -0400
Message-ID: <55006D98.7000300@redhat.com>
Date: Wed, 11 Mar 2015 17:30:16 +0100
From: Florian Weimer <fweimer@redhat.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Jan Včelák <jan.vcelak@nic.cz>
References: <55002098.5060709@redhat.com> <55006AF8.4090500@nic.cz>
In-Reply-To: <55006AF8.4090500@nic.cz>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/AOb6fi_c02pEUxS5_GhikdffSRs>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Comments regarding the NSEC5
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Mar 2015 16:30:25 -0000
On 03/11/2015 05:19 PM, Jan Včelák wrote: >> It's not clear if the security goals make sense. What do zone operators >> gain if zone enumeration attacks are moved from offline to online, other >> than a need to provision additional server capacity? It's not that they >> can block resolution requests from large resolvers if a part of their >> client population participates in aggressive enumeration. > > It dependes whether you see zone enumeration as a problem. If I really want to enumerate a zone, I will just send my dictionary as queries, possibly through open resolvers. People are reckless like that. At least with NSEC3, polite attackers can do some of the processing off-line, without punishing authoritative servers or resolvers. NSEC5 takes away that option. Do the existing enumerators care? Who knows. >> Section 4 says, “NSEC5 hash is an SHA-256 hash function as specified in >> [RFC6234].” Are you sure that's right? > > You mean the reference to the RFC? Yes, I think it's right. Or am I > missing something? I'm guessing, but “NSEC5 hash” is probably what involves FDH. Based on your comment,s it's clearly *not* SHA-256, contrary to what I quoted above. > We deal with NSEC5 proofs and NSEC5 hashes (see the Terminology > section). The NSEC5 proof is the FDH (can be comptuted only by the > holder of the NSEC5 private key); the NSEC5 hash is an SHA-256 hash of > the NSEC5 proof (everyone can compute it, if they know the NSEC5 proof). > > So in your notation, an NSEC5 RR owner name should be: > Base32hex(SHA-256(FDH(Wire-Encode(owner name), privkey))) And the inner part (without the Base32 encoding) is the NSEC5 hash? Or is the SHA-256 hash skipped? You really need to make this explicit. > I agree that the description is insufficient. We will fix that. Thanks. -- Florian Weimer / Red Hat Product Security
- Re: [DNSOP] Comments regarding the NSEC5 Ondřej Surý
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Bob Harold
- Re: [DNSOP] Comments regarding the NSEC5 Paul Hoffman
- Re: [DNSOP] Comments regarding the NSEC5 Paul Vixie
- Re: [DNSOP] Comments regarding the NSEC5 Edward Lewis
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Paul Hoffman
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Matthäus Wander
- Re: [DNSOP] Comments regarding the NSEC5 Warren Kumari
- Re: [DNSOP] Comments regarding the NSEC5 Paul Hoffman
- Re: [DNSOP] Comments regarding the NSEC5 Nicholas Weaver
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Bob Harold
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Bob Harold
- Re: [DNSOP] Comments regarding the NSEC5 Paul Wouters
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- [DNSOP] Comments regarding the NSEC5 Florian Weimer
- Re: [DNSOP] Comments regarding the NSEC5 Florian Weimer
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Nicholas Weaver
- Re: [DNSOP] Comments regarding the NSEC5 Paul Hoffman
- Re: [DNSOP] Comments regarding the NSEC5 Paul Wouters
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Florian Weimer
- Re: [DNSOP] Comments regarding the NSEC5 Jan Včelák
- Re: [DNSOP] Comments regarding the NSEC5 Florian Weimer