Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
Colm MacCárthaigh <colm@allcosts.net> Wed, 02 April 2014 01:25 UTC
Date: Tue, 01 Apr 2014 18:25:12 -0700
Message-ID: <CAAF6GDdLs3V9JMa8jgD_asYqhmt=PCaBAmk4LO0JaX_q6q0UHQ@mail.gmail.com>
From: Colm MacCárthaigh <colm@allcosts.net>
To: Mark Andrews <marka@isc.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/KQJCSZzoHn8CMmm9qkt4Ho47iZ4
Cc: Nicholas Weaver <nweaver@icsi.berkeley.edu>, "dnsop@ietf.org" <dnsop@ietf.org>, Phillip Hallam-Baker <hallam@gmail.com>, Matthäus Wander <matthaeus.wander@uni-due.de>, Bill Woodcock <woody@pch.net>
Subject: Re: [DNSOP] Whiskey Tango Foxtrot on key lengths...
On Tue, Apr 1, 2014 at 5:31 PM, Mark Andrews <marka@isc.org> wrote:

> > This too is going too far; of course they can, they can ask another
> > recursive resolver.
>
> Which also passes through bogus answers. I will repeat stub resolvers
> can't recover from recursive servers that pass through bogus answers.

DNSSEC is a mitigation against spoofed responses, man-in-the-middle interception-and-rewriting and cache compromises. These threats are endpoint and path specific, so it's entirely possible that one of your resolvers (or its path) has been compromised, but not others. If all of your paths have been compromised, then there is no recovery; only detection. But that is always true for DNSSEC.

> > Defaulting to CD=0 renders DNSSEC, essentially, pointless. Resolvers, and
> > the path between resolvers and stubs, are the easiest components in the
> > lookup chain to subvert.
>
> CD=0 tells the resolver to validate the answers it gets if it is
> validating. It has NOTHING to do with whether you are validating
> or not. You have fallen for the myth that CD=1 indicates that you
> intend to validate and that CD=0 means that you are not validating.
> CD DOES NOT HAVE THOSE MEANINGS.
>
> DO=1 is the ONLY bit REQUIRED to be set if you are validating.
>
> If DO=1 is set you should assume the client may be validating.
> Named assumes this when deciding if it will intentionally break
> DNSSEC validation down stream.

As you pointed out, if I set CD=1, I always expect a meaningful answer containing signatures that I can validate. If I set CD=0, then an empty SERVFAIL response is valid. If I get SERVFAIL, how do I validate that it's a real error? Your suggestion is to regress to the CD=0 case and re-check it (or maybe do your own recursion?). Why not just do CD=0 all along?

Now I agree that a resolver should always validate the signatures anyway, and if I were writing a caching resolver, I'd never cache rrsets that fail validation, even if the user has CD set to 1. But that's separate.

> > > DNSSEC is quite capable of protecting that path. Why do you need
> > > a second protocol.
> >
> > That statement is not consistent with setting CD=0 on that path.
>
> I suggest that you go re-read all the DNSSEC RFC's if you believe
> that because you are categorically WRONG.

Please stay civil, and also please don't assume that I haven't read the DNSSEC RFCs.

If you set CD=0, you can't authenticate the failure case: empty SERVFAILs can be spoofed or inserted towards the stub. And how do you disambiguate between SERVFAILs that are validation errors and other server failures? Without some kind of resolver redundancy (so recovering via retrying another resolver) I don't see a way. Of course if all of your resolvers return SERVFAIL, you're left in the same situation - but again, if every path you have has been compromised, there is no escape.

But this can all be boiled down to: as you've already written, you agree that CD=1 is necessary in the failure case - it's the only hope of authenticating the error. So why bother with CD=0 at all?

-- 
Colm
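As an added example (not code from this thread, nor from named/BIND or any resolver), the Python below builds the query a validating stub would send with DO=1 and CD set as chosen, and classifies a response the way the argument above distinguishes the cases: a bare SERVFAIL that nothing can authenticate, an answer carrying RRSIGs the stub can validate itself, and an answer where only the resolver's AD bit vouches for it. The wire format follows RFC 1035 with the EDNS0 OPT record of RFC 6891; all names and addresses used with it are constructed.

```python
import struct
# Header flag bits (RFC 1035/4035), record types and the EDNS0 DO bit (RFC 6891).
FLAG_QR, FLAG_RD, FLAG_RA, FLAG_AD, FLAG_CD = 0x8000, 0x0100, 0x0080, 0x0020, 0x0010
RCODE_SERVFAIL, TYPE_A, TYPE_OPT, TYPE_RRSIG = 2, 1, 41, 46
EDNS_DO = 0x8000  # DO lives in the high bit of the OPT RR's 32-bit TTL field

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def rr(name, rtype, rdata, ttl=300):  # one class-IN resource record, wire format
    return encode_name(name) + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata

def build_message(txid, flags, qname, qtype, answers=(), do=True):
    """One-question message; do=True appends an OPT RR with DO=1, the only bit
    a validating client is required to set."""
    header = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 1 if do else 0)
    question = encode_name(qname) + struct.pack("!HH", qtype, 1)
    opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, 4096, EDNS_DO, 0) if do else b""
    return header + question + b"".join(answers) + opt

def stub_query(qname, qtype, txid, cd):
    # CD=1: the resolver passes data on even if its own checks fail, so the RRSIGs
    # arrive and the stub can validate locally; CD=0: a failure is a bare SERVFAIL.
    return build_message(txid, FLAG_RD | (FLAG_CD if cd else 0), qname, qtype)

def skip_name(msg, off):  # offset just past a (possibly compressed) name
    while msg[off] != 0:
        if (msg[off] & 0xC0) == 0xC0:  # two-byte compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def classify_response(msg):
    """'servfail' (nothing to authenticate), 'signed' (RRSIGs present, the stub can
    validate itself), 'ad-only' (resolver's claim, only as good as the path), 'unsigned'."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if (flags & 0x000F) == RCODE_SERVFAIL:
        return "servfail"
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == TYPE_RRSIG:
            return "signed"
        off += 10 + rdlen
    return "ad-only" if flags & FLAG_AD else "unsigned"
```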