IETF Logo Mail Archive

Re: [DNSOP] Roman Danyliw's Discuss on draft-ietf-dnsop-dns-zone-digest-12: (with DISCUSS and COMMENT)

"Wessels, Duane" <dwessels@verisign.com> Wed, 07 October 2020 19:55 UTC

Return-Path: <dwessels@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C9B63A1327; Wed, 7 Oct 2020 12:55:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LXItrbNYlBKF; Wed, 7 Oct 2020 12:55:18 -0700 (PDT)
Received: from mail4.verisign.com (mail4.verisign.com [69.58.187.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18C643A1322; Wed, 7 Oct 2020 12:55:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=15607; q=dns/txt; s=VRSN; t=1602100517; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=6Tjj+NlaSZao+z9pcZ4tHacZ1Ga/4D6SQaDOTiZfRMs=; b=dYkrW90sfzOw3Qs9JJ91sB2x2HECD5EZ604k8bb7wTcmdgp1d9KDyNZF Oyo1HZCWsbdSwU4ysqhd6aynznudmIy7YrPJPBTJGPDj9AUa9834MR+Wv OZyPvrJ0fOcCahdacC8qdHBHyQGx4agxD9/XCHgL1OT7iarSrNM0j3k+N FdmmhOuAgqI/Ng0l+GdyVR37ySUMwwrTPNoQyImB1gy7ZynZlITU2Sdd0 xvoT8QieRGDM1k7rjJJTrqB70fmLlYTEtR289jFDmsKM1zEBs9P7iDS+E 1fHs6mvKbsMbZK2MidpIfS4Hh6YLvSxklFXYQ6H/OWIH/u24rYqKdD9c1 A==;
IronPort-SDR: zsHVfY+H7sWkJQVIw72CFgPVn7ONp0p5eiohLyy/fzcHEticurk3R2Lg5q2IizXNQfVQOUgJ6a YXeqvLkWG0h5kptrk7Zvs5at0bH97b1CxIiGMdc63X2xqx1eVubJUsvHB5+mr7fiEkfQqw0Inf +gcMtAIlVz/LTg080+Q6PseICIEHs5wmurrLf/79oZyUCniKZW5c2pAETLsrXwz42Qvqj7Yc2q aGJ3Pzz+U7v9jrSrSTNL1xgEm/Ns4Rxr6tEhO7nklF0qIBAopn7dO3L38ssFDZfqh7vIwXq6pS MMQ=
X-IronPort-AV: E=Sophos; i="5.77,348,1596513600"; d="p7s'?scan'208"; a="3157174"
IronPort-PHdr: 9a23:av9DfhQtvOjmHHt2WP1dUtu5A9psv+yvbD5Q0YIujvd0So/mwa67ZhGCt8tkgFKBZ4jH8fUM07OQ7/m/HzBeqsfa+Fk5M7V0HycfjssXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aFRrwLxd6KfroEYDOkcu3y/qy+5rOaAlUmTaxe7x/IAi0oAnLucQbgIRuJ6I/xxDUvnZGZuNayH9yK1mOhRj8/MCw/JBi8yRUpf0s8tNLXLv5caolU7FWFSwqPG8p6sLlsxnDVhaP6WAHUmoKiBpIAhPK4w/8U5zsryb1rOt92C2dPc3rUbA5XCmp4ql3RBP0jioMKiU0+3/LhMNukK1boQqhpx1hzI7SfIGVL+d1cqfEcd8HWWZNQsNdWipcCY2+coQPFfIMM+ZGoYfgu1sAoxiwBQeuC+3oyz9HmnD50LY10+g9FAHLxgwgE84MvXnSsd77NL0SUeewzKTQwznMb+1Z2Szm6IfWdhAhuumAVq9+f8rM00YvER3KgluNooHiIjyU2PoCs3OA7+V+UeKvkHUqqx9vrTi1x8cskYjJho0Tylze6Sp5x4M1KMS+RUVmbtGqDIFeuDuGN4tqXMwiWWdotT4+x7AIvZO2czUGxIklyhDfZfGKfIaG7w7jWeuPPTt1mHxrdb27ihi87USt1vPxWMmw3VpWsydJjMXAu2wD2hDN7MWMV/Vz/kCk2TmV1gDT7PlJLlw1larAN5EhxaQ8mYYUsUTGBiP2mVv5jLOYdkk+/eio8evnb7P7rZGfL495khzyPrg0lsCiA+k1PBICU3Wb9OmyzrHu8k70TK1XgvEqiKXVrZLXKdgBqqKkDAJY0Zwv5wu8Ajqgzd8Wh2MILEhfdxKCl4XpPlbOL+3mAvqnmFSslStrx+jBPr38HpXBNnjDn6nlfbZ680NR1RY9w8hC651UEr8PL/P8VlPsuNDCEB82Lwu0w/z/CNlnzIwRRHiDArGDMKPJt1+E/P4gI+6JZIMNuTb9LeYq5+L2gHMkhVMRZ7Sl0JkZZXyiA/hrI0uUbWDjj9oCCWsKuxAxTO3uiF2MSz5TYHOyUroh6TA1Fo2mFpzDSZ6pgLyaxyq7AINZZnpHClCXEHfoeIOEV+0QZyKVJ89tiiYEWqS5S489yRGusxf3y6B6IeXJ4SAXqYzs1MJp5+HJkhEy7zN0BdyH026RV2F0gn8IRzgu0aB+v0N90ViD3LN5g/NGCdxT6elFUgAgNZ7T1+Z6Ecz9WhrdfteVT1arWsipASsrQdI/398Cekd9FMu+jhDNxialHrkVl6eMBJws667Twn7xJ91kx3fH06khiUcpTtJSOm2nia5w6RPTB5LSnkWYiamqaaoc0DTK9GeZwmqEpFtYXxJoUaXZQXAfYVPbosn/5kPZSL+uEa0rPRdBycGYK6tKcMbpgE5HRPj9JNTebXi9m2CqBRaH3rmMdpble30B3CXBD0gJix0c/XCdNQg5HiesuGPeAyJyFVLheU/s9vN+qHyjRE8u0w6Kd1Fh16ay+hMNmfycSf0S0qgFuCg/tzV0Ek2w393TC9WapgpheL9Qbs864FdChirlsFlHOZmpKehOj1gPdwVo9xf02xlfAYhajY4ttnx8nyRoLqfNmmxMbCiV2Yu0cpHKI2//tlj7Z7HbwUrT1M2+5KoV6e85pFOltwasQBlxu0572sVYhiPPrq7BCxAfBNeoCh46
X-IPAS-Result: A2G6AADFG35f/zCZrQpgGwEBAQEBAQEBBQEBARIBAQEDAwEBAYIPgxosgQgKhDORPoN6lkOBaQQHAQEBAQEBAQEBBAQBLwQBAYRKAoIJJjgTAgMBAQsBAQEFAQEBAQEGAwEBAQKGUYI3KQGDagEBAQECASNEEgULAgEIDgojBwICAjAlAgQOBQ6DGAGCXBGob3aBMopFCgaBOIFTi3uBQj6BESccgk0+hAgBEgEHAheDGDOCLQSQHYJlAYdniyU1kRQDB4JohEuCX442hQofgxOKBIU/gwuLTK9Wg18CBAIEBQIVgWuBC3BwFTsqAYI+PhIXAg2OKhgUjhB0NwIGAQkBAQMJjAQtgQaBEQEB
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Wed, 7 Oct 2020 15:55:16 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.1979.003; Wed, 7 Oct 2020 15:55:16 -0400
From: "Wessels, Duane" <dwessels@verisign.com>
To: Roman Danyliw <rdd@cert.org>
CC: The IESG <iesg@ietf.org>, "draft-ietf-dnsop-dns-zone-digest@ietf.org" <draft-ietf-dnsop-dns-zone-digest@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, Tim Wicinski <tjw.ietf@gmail.com>
Thread-Topic: [EXTERNAL] Roman Danyliw's Discuss on draft-ietf-dnsop-dns-zone-digest-12: (with DISCUSS and COMMENT)
Thread-Index: AQHWm4sTc1MnUpapNEGw9n9Wd5KehKmM04SA
Date: Wed, 07 Oct 2020 19:55:16 +0000
Message-ID: <514C2BA5-37C3-48E5-B1FE-DCA96C7F37B3@verisign.com>
References: <160195246471.4620.11112787341926255318@ietfa.amsl.com>
In-Reply-To: <160195246471.4620.11112787341926255318@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3608.120.23.2.4)
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed; boundary="Apple-Mail=_C2494204-00F6-47B8-BCC6-80295C26E049"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/D3bMN529h-nA7ApnGlA5GgchhEo>
Subject: Re: [DNSOP] Roman Danyliw's Discuss on draft-ietf-dnsop-dns-zone-digest-12: (with DISCUSS and COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 19:55:21 -0000

Hi Roman, thanks for the detailed review and comments.  My responses are inline.


> On Oct 5, 2020, at 7:47 PM, Roman Danyliw via Datatracker <noreply@ietf.org> wrote:
> 
> Roman Danyliw has entered the following ballot position for
> draft-ietf-dnsop-dns-zone-digest-12: Discuss
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://secure-web.cisco.com/1PmgI5C3eeSLOyMacI0tFtTZ2Xp1ZVDLlBYygPBOj1Q0bVtLkzLwmmN5ldjjcypZn5nnasJsm9E5GpsNMDvWdtGaM2kaFHhp7jZlEgufkzdln1LmRT84DKcbrePOUdtgU2M4UwQqhJ69IT0KBrKkQNN1OLFRMyYwhXs48zGHMkPxAOQ9L2Je4TLpCoWGXIqZExBn5ErrQBYfVsEcz2xB1L-eKHO_l_zDzfiAHtMP8zHJQ_7GCF6YPn4OTvYHtKq1TL85oSNMxkc-a9TwIaBuzcEx2aRPzSqAPypDs7bIbFPs/https%3A%2F%2Fwww.ietf.org%2Fiesg%2Fstatement%2Fdiscuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://secure-web.cisco.com/1In2W1aOUrhepme0YYTCWi_KVrjzwPz6gRHK3wqiBh8JhXsVPR-caNTg-liKbKCksx5Y35akHQwb5BB41XUadJT3by_ZmHTxwdiSU3QpC4eNTBAE42Pw2mywlUcsCxUsDMgrwL3ph93cdoIxfnYKlbiF9GQp0v74iO_IcfqqkdmjHCiFqNSIrWIJsjsae_FUkueb3LzXcJ3Ine0GDo664s3xd60kYguQsCr17CZmEHlHTLEzHiGGXW8IrEm4JcgBjaAU2ABRPZ-bfBv0LsmZR0Q/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-dnsop-dns-zone-digest%2F
> 
> 
> 
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
> 
> Section 6.1.   My read of the text is that the security properties are intended
> to be independent of the transport protocol.  With that assumption and the
> validation procedures in Section 4, I need help understanding the security
> properties the client can rely on in the absence of DNSSEC.  Consider the
> following scenarios and attacker types; and the assurances a client could have
> when retrieving the zone file from the server:
> 
> With an on-path attacker (and trusted server hosting the zone file)
> 
> ** No DNSSEC; No Secure transport = integrity: NO; authenticity = NO
> 
> ** No DNSSEC; Secure transport = integrity: YES (from the on-path attacker);
> authenticity = NO
> 
> ** DNSSEC = integrity: YES; authenticity = YES
> 
> With a rogue server hosting the zone file (but is not the operator of the zone)
> 
> ** No DNSSEC; No Secure transport = integrity: NO; authenticity = NO
> 
> ** No DNSSEC/Secure transport = integrity: NO; authenticity = NO
> 
> ** DNSSEC = integrity: YES; authenticity = YES
> 
> The text states that:
> 
> The zone digest allows the recipient of a zone to verify its
>  integrity.  In conjunction with DNSSEC, the recipient can
>  authenticate that it is as published by the zone originator.
> 
> Can the means to realize integrity without DNSSEC unless there is a reliance on
> transport security of some form be clarified.  Minimally, it seems like this
> section needs cautionary text (likely with normative language) to the effect of
> “ZONEMD information from zone files lacking DNSSEC support or that were shared
> over ‘unsecure transport’ cannot be relied upon for cryptographic integrity
> assurance.”

You are correct that we intend the security properties to be independent of
any transport protocol.   I'm reluctant to suggest in this document that
a recipient could rely on ZONEMD for integrity because it came over a secure
transport.  Although that might be true, I have to think that the secure
transport itself provides the integrity assurance, and not the ZONEMD record.


> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Thank you for addressing the SECDIR review (and thank you to Donald Eastlake
> for performing the review).
> 
> ** Section 1.  s/allowing verification of the zone/allowing verification of the
> integrity of the zone/

The sentence preceding this one talks about verifying both integrity and
authenticity (given DNSSEC).  I'm not sure why you want to focus on just
integrity here in this sentence?


> 
> ** Section 1.2.  In the discussion about alternatives, it seems like the two
> competing designs are “channel security” vs. “data security”?  Is the latter
> the equivalent to “object security”, a term with which I’m more familiar?  That
> is, the data itself carries a set of security properties independent of the
> channel or session exchanging it.

Yes, data security means the same thing as object security.


> 
> ** Section 1.3.  Clarifying language.
> OLD
> As specified herein, the digest is re-calculated over the
>  entire zone content each time
> 
> NEW
> As specified herein, the digest is re-calculated over the
>  entire zone content each time the zone is updated.

Okay.


> 
> ** Section 1.3.  Editorial.  The sentence “It is, however, extensible so future
> schemes to support incremental zone digest algorithms (e.g. using Merkle trees)
> can be accommodated” didn’t parse for me.

How about this :

 It is, however, extensible, so that future schemes may be defined to support
 efficient incremental digest updates.


> 
> ** Section 2.  Per the support of multiple ZONEMD RRs, what is meant by
> “rollovers”?  There are no keys here.  It seems like multiple ZONEMD would be
> there for algorithm agility (mentioned) and scheme agility.

The document uses "rollover" in the same way that in DNSSEC we talk about
algorithm rollovers, but agreed it is unnecessary here to mention both
rollover and agility, so I will remove "and rollovers".


> 
> ** Section 2.0.
> When multiple ZONEMD RRs are present, each
>  must specify a unique Scheme and Hash Algorithm tuple
> 
> Would a normative MUST be more appropriate here?

Fine with me.


> 
> ** Section 4.  The numbered list calls zones “provably insecure” and “provable
> secure”.  What is the precise definition of those terms.  Unless there were
> formal methods involved, I’d recommend against using those words.


The terms Secure, Insecure, and Bogus are defined in RFC 4033 (DNSSEC
Security Introduction and Requirements).  So probably those terms should
be capitalized here.  Do you think it should be "proven to be Secure" or
"provably Secure" or just "Secure" or something else?


> 
> ** Section 4.
> If multiple ZONEMD RRs are
>  present in the zone, e.g., during an algorithm rollover, a match
>  using any one of the recipient's supported Schemes and Hash
>  Algorithms is sufficient to verify the zone.
> 
> It would likely be worth mentioning in Section 6 that when multiple algorithms
> are used, the overall security rests with the weakest one.

How about this?

6.2.  Use of Multiple ZONEMD Hash Algorithms

  When a zone publishes multiple ZONEMD RRs, the overall security is
  only as good as the weakest hash algorithm in use.  For this reason,
  Section 2 recommends only publishing multiple ZONEMD RRs when
  transitioning to a new scheme or hash algorithm.  Once the transition
  is complete, the old scheme or hash algorithm should be removed from
  the ZONEMD RRSet.




> 
> ** Section 5.2 and 5.3  Shouldn’t there be a request for a sub-registry, not  a
> web page?
> 
> For Section 5.2:
> OLD
>  IANA is requested to create a new registry on the "Domain Name System
>  (DNS) Parameters" web page as follows:
> 
> NEW
>  IANA is requested to create a new sub-registry in the "Domain Name System
>  (DNS) Parameters" registry as follows:

I think "registry" is correct but I defer to IANA.  In the case of DNS parameters
there are a number of different registries all on the same "page".


> 
> ** Section 5.2.  It would likely be helpful to clarify the purpose of the
> fields (e.g., it wasn’t obvious to me initially that “Implementation
> Requirement” means MTI)


The column labeled "Implementation Requirement" seems to be causing a lot
of confusion and I'm having a hard time finding examples of other protocol
registries that have something like that.  Maybe we should just remove it?


DW

v2.23.0 | Report a Bug | By Email