Re: [DNSOP] Robert Wilton's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)

Donald Eastlake <d3e3e3@gmail.com> Sat, 10 October 2020 03:10 UTC

References: <160215590178.19643.8185294724542473578@ietfa.amsl.com> <CAF4+nEEkt=QXZ6OErEBdvZgw4X6bhvB9yBjRjLAgY436i_o=FQ@mail.gmail.com> <MN2PR11MB436644FCED99A35EB7A7CD64B5080@MN2PR11MB4366.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB436644FCED99A35EB7A7CD64B5080@MN2PR11MB4366.namprd11.prod.outlook.com>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Fri, 09 Oct 2020 23:10:14 -0400
Message-ID: <CAF4+nEHX=GemUiV6uq7ttyqHQqwev4swg-oAc+Ytp9jyjLV0bA@mail.gmail.com>
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-dnsop-dns-zone-digest@ietf.org" <draft-ietf-dnsop-dns-zone-digest@ietf.org>, Tim Wicinski <tjw.ietf@gmail.com>, "<dnsop@ietf.org>" <dnsop@ietf.org>, "dnsop-chairs@ietf.org" <dnsop-chairs@ietf.org>, Roman Danyliw <rdd@cert.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/EJO26CJsy0aBHW8C7PjvB6XL-Wk>

Hi Rob,

I'm not aware of any precise analysis supporting the 12 byte minimum
size but I believe it is reasonable and in line with the lower end of
the range of hash sizes typically standardized by the IETF these days.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com

On Fri, Oct 9, 2020 at 5:23 AM Rob Wilton (rwilton) <rwilton@cisco.com> wrote:
>
> Hi Donald,
>
> > -----Original Message-----
> > From: Donald Eastlake <d3e3e3@gmail.com>
> > Sent: 09 October 2020 00:47
> > To: Rob Wilton (rwilton) <rwilton@cisco.com>
> > Cc: The IESG <iesg@ietf.org>; draft-ietf-dnsop-dns-zone-digest@ietf.org;
> > Tim Wicinski <tjw.ietf@gmail.com>; <dnsop@ietf.org> <dnsop@ietf.org>;
> > dnsop-chairs@ietf.org
> > Subject: Re: [DNSOP] Robert Wilton's No Objection on draft-ietf-dnsop-dns-zone-digest-12: (with COMMENT)
> >
> > On Thu, Oct 8, 2020 at 7:18 AM Robert Wilton via Datatracker
> > <noreply@ietf.org> wrote:
> > > Robert Wilton has entered the following ballot position for
> > > draft-ietf-dnsop-dns-zone-digest-12: No Objection
> > >
> > > ...
> > >
> > > ----------------------------------------------------------------------
> > > COMMENT:
> > > ----------------------------------------------------------------------
> > >
> > > ...
> > >
> > >     2.2.4.  The Digest Field
> > >
> > >        The Digest field MUST NOT be shorter than 12 octets.  Digests for the
> > >        SHA384 and SHA512 hash algorithms specified herein are never
> > >        truncated.  Digests for future hash algorithms MAY be truncated, but
> > >        MUST NOT be truncated to a length that results in less than 96-bits
> > >        (12 octets) of equivalent strength.
> > >
> > > When I read this, I wonder why the limit of 12 bytes was chosen.  Possibly a
> > > sentence that justifies why this value was chosen might be useful, noting that
> > > the two suggested algorithms have significantly longer digests.
> >
> > To me, the purpose of the limit is to establish a minimum strength
> > against brute force attacks. Of course, the hash algorithm also has to
> > be strong but the length of the Digest field puts a sharp limit on the
> > strength of a ZONEMD.
> [RW]
>
> I absolutely agree on specifying a minimum value.  My question is how was the minimum length of "12 bytes" chosen?  Is there some analysis performed that indicates that this is the right minimal value, or is this just a "12 bytes sounds like enough"?
>
> Regards,
> Rob
>
>
> >
> > Note that for the same reason there is a similar provision from 2006
> > in RFC 4635, Section 3.1, point 4, which sets a minimum size of 10
> > bytes for the hashes that appear in TSIG RRs.
> >
> > Thanks,
> > Donald
> > ===============================
> >  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
> >  2386 Panoramic Circle, Apopka, FL 32703 USA
> >  d3e3e3@gmail.com
> >
> > >     ...
> > >
> > > Regards,
> > > Rob
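As an added illustration of the Digest field rules quoted in this thread (example code written for this page, not from the draft authors or from either correspondent), the check below applies the 12-octet floor and the rule that SHA384 and SHA512 digests are never truncated, and shows what the floor means for the two generic work bounds a digest length implies. The algorithm name `future-hash` and the sample zone bytes are constructed for the example; the strength bounds are the textbook 8n/4n bit limits, not analysis from the draft.

```python
"""Digest-field length check for a ZONEMD record, illustrating the 12-octet floor."""
import hashlib

# Floor from the draft text: "The Digest field MUST NOT be shorter than 12 octets."
MIN_DIGEST_OCTETS = 12

# Output sizes of the two hash algorithms the draft specifies. The draft says digests
# for these are never truncated, so a valid record carries the full length.
FULL_LENGTH_OCTETS = {"sha384": 48, "sha512": 64}


def digest_strength_bits(digest_octets):
    """Generic upper bounds on strength implied by the digest length alone.

    A digest of n octets can offer at most 8n bits against preimage search and
    4n bits against collision search (birthday bound), however strong the
    underlying hash. At the 12-octet floor that is 96 and 48 bits respectively.
    """
    return 8 * digest_octets, 4 * digest_octets


def check_digest_field(algorithm, digest):
    """Apply the draft's length rules to a Digest field.

    algorithm: hashlib-style name ("sha384", "sha512") or any other string for an
               algorithm this checker does not know (a "future hash algorithm").
    digest:    the raw Digest field bytes.
    Returns (accepted, reason).
    """
    n = len(digest)
    if n < MIN_DIGEST_OCTETS:
        return False, f"digest is {n} octets, below the {MIN_DIGEST_OCTETS}-octet floor"
    full = FULL_LENGTH_OCTETS.get(algorithm.lower())
    if full is not None:
        if n != full:
            return False, f"{algorithm} digests are never truncated: expected {full} octets, got {n}"
        return True, f"full-length {algorithm} digest ({n} octets)"
    # A future algorithm MAY be truncated, but not below the floor checked above.
    return True, f"{algorithm}: {n}-octet digest accepted (truncation permitted down to the floor)"


# Constructed sample input: these bytes stand in for serialized zone data and are
# not a real zone; only the resulting digest lengths matter for this check.
SAMPLE_ZONE_BYTES = b"constructed stand-in for zone data"
SAMPLE_SHA384 = hashlib.sha384(SAMPLE_ZONE_BYTES).digest()   # 48 octets
SAMPLE_SHA512 = hashlib.sha512(SAMPLE_ZONE_BYTES).digest()   # 64 octets


def run_checks():
    """Run the checker over full, truncated and too-short digests; returns name -> accepted."""
    cases = {
        "sha384 full":      ("sha384", SAMPLE_SHA384),
        "sha512 full":      ("sha512", SAMPLE_SHA512),
        "sha384 cut to 24": ("sha384", SAMPLE_SHA384[:24]),       # above floor, but never truncated
        "future cut to 24": ("future-hash", SAMPLE_SHA384[:24]),  # hypothetical future algorithm
        "future cut to 12": ("future-hash", SAMPLE_SHA384[:12]),  # exactly the floor
        "future cut to 11": ("future-hash", SAMPLE_SHA384[:11]),  # below the floor
    }
    return {name: check_digest_field(alg, d)[0] for name, (alg, d) in cases.items()}


if __name__ == "__main__":
    for name, verdict in run_checks().items():
        print(f"{name:18s} -> {'accept' if verdict else 'reject'}")
    print("bounds at the 12-octet floor (preimage, collision bits):", digest_strength_bits(12))
```

The checker deliberately treats the two named algorithms and unknown ones differently: a 24-octet SHA384 digest is rejected even though it sits above the floor, because the draft permits truncation only for future algorithms, while the same 24 octets under an unknown algorithm are accepted.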