IETF Logo Mail Archive

Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-zone-digest-10.txt

"Wessels, Duane" <dwessels@verisign.com> Wed, 23 September 2020 16:40 UTC

Return-Path: <dwessels@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7C0F3A041C; Wed, 23 Sep 2020 09:40:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DmBm0qMaqOUW; Wed, 23 Sep 2020 09:40:44 -0700 (PDT)
Received: from mail3.verisign.com (mail3.verisign.com [72.13.63.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F5B13A11E7; Wed, 23 Sep 2020 09:40:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=17828; q=dns/txt; s=VRSN; t=1600879246; h=from:to:cc:date:message-id:references:in-reply-to: mime-version:subject; bh=rCZkgMTVCO3dmM8QFaozJhZ+CZ7nLLuff/RHRHaYOwU=; b=Og7DEljiUqi7qgTKIlDNrxom6KN7Pt22vzeo6863aeQJAHs3vHHuAi/G 5vm3dmcTJLP3zRyLQUV2O+dkR62ferDIpBMg4j2/ymcBQCaau7ZgbfA/7 f3qshj7H4xCgg5uqG2I/FEg7ss+BXhs3Li+/lQmu2GnZxe7qaogmhlI/d gkOjtrHwm0TXPM6MI3Ip0NWSkfb4qKbyR2xs2etu63XbBLMBRQfeOQeGU nFsGhTSIMqj3NLDOFvXqfeyHiYRhxp2tdjeo6OeDa8YIGvoZqsdLOpTAJ u7X4U3d2N5hpt2TYtV5+b9WPaVBFQhzgCHE/1GLUvWNjkLtSsV9zgCaXO g==;
IronPort-SDR: u/6mVTcqtnCUMmgg40w0v01zHttFNBCP9QCFtIX9c059gwtiyBIsmG/q9uuf4jlLSww9IrdHxE 2Qb00kz6mJu/052DUBarrnIGn9hsDW2kbC3XDBWgsaZyB241bhoiy53w7LmP4FLW9v8hI8n1zx 9mgSUXwibKdIbekaHkx83bS3dPji6xbE5QS1gL6O86K2mFslqGNdzwo5qDWerX4ua/CYYa47Fe StpEy0vn4KNk/ltEuZ9WhShRuJiLAI156A0swwHgvNqZ3zMid7PgYPgXgSflC4me24OpdTiY1H +qI=
X-IronPort-AV: E=Sophos; i="5.77,293,1596499200"; d="p7s'?scan'208"; a="3108789"
IronPort-PHdr: 9a23:Ran4oh0EwIsDaVIOsmDT+DRfVm0co7zxezQtwd8ZsesXLP3xwZ3uMQTl6Ol3ixeRBMOHsq0C0rSd4vCoGTRZp8rY7jZaKN0EfiRGoP1epxYnDs+BBB+zB9/RRAt+Iv5/UkR49WqwK0lfFZW2TVTTpnqv8WxaQU2nZkJ6KevvB4Hdkdm82fys9J3PeQVIgye2ba9vIBmsogjdq8sbjZF/JqswxRfEpnhFcPlSyW90OF6fhRnx6tqx8ZJ57yhcp/ct/NNcXKvneKg1UaZWByk8PWAv483ruxjDTQ+R6XYZT24bjBlGDRXb4R/jRpv+vTf0ueR72CmBIM35Vqs0Vii476dqUxDnliEKPCMk/W7Ni8xwiKVboA+9pxF63oXZbp2ZOOZ4c6jAZt4RW3ZPUdhNWCxAGoO8bpUAD+wdPeZDsoLxo0ICoQaiCQWwAe/izCJDiH3r0q0gy+kvER/I0hE8H9wAs3rUotf6OqATUe+pw6bF1jrDY+9T2Trn6IjEbg4trPeRVrxwa8rRzkwvGhvLglqQt4PlJCiV2foJs2iA9+ZrSOyhi3M9pAF3vDejyNonh47UiYMb1F/E7j55z5gxJd2jU0N7f8CrEIFRtyGBNot2TcUiT3t0tyY9z70LoJi2dzUFx5o73RDQceCHc5SW7RL5UuacOSl1iXJ5db+9hhu/80aux+79W8Wp31hEoCRLn9vOu30J1xHd5MyKR/h/80q/2zuB1wDd5/9YLE40kafVJZAsz702m5EOv0rDGSr2l1/3jK+Qbkgr5umo6//7bbXhvJOTK4h0igTmPqQvhMO/Heo4PhIJX2iB9uSx0qDo807hQLhSk/E6jrPVvI3YKMkVvKK1Hg9Y34g55xuwDDqqyMkUkWUdIF5Yeh+Lk5LlN0zBLf37F/uznlehnTF2zP7cJLLhGI/CLn3bnbfkerZy9lBTxRIozdBa+5JUErYBIO/vWkPptNzXEBs5Mwuszuv6FNtzzp4SVmKXDKGWMazerUKE6vgxI+aQY48Voi79J+I/6PHzl3M5h0UdfbKv3ZcNdH+4GfFmL12YYXrqnNgBDX8HshciQODwlVGPUzBea2yvU6886Dw3Eo2rAITbSoComrOB3SO7HpNMZmBBD1CBCWrndouaVPcXcyKdPMthkicfWLi/VYAhzxCutBT7y7poKOrY4DEXtZXm1NRt/e3ciQky9SBoD8Say2yNSnp0nmETSj8wwKB/oVR9xUmZ0ah9nvxYCcZc5+9IUgc9M57Q1fB1C9f3WgjZZNeGVE6mQsm6ATE2Vt8+3tkOY116G9W6lR3D3jSlA6Mbl7CRA5w06K3c1WDrJ8lh03bGyLUhj14+T8tOK2KmnaF/+hPSB4HXj0WZmbymdaMG3C7C7G2D13aBvFlEUA5sVqXIRWsfaVXKotvk50PCVaSjCbU5PQtdx86OMKxKasfmjQYOePC2HdXVY2u8ny+LGTSPxrWXJN7vYGc12jndEEUelh0P9GqHMg54DSCk9THwFjtrQBjQblj3/O1l7DuXU0YywkvCO0F+2qGu9xoOreKRUfII370C/iwmrmMnTx6Gw9vKBo/Y9EJad6JGbIZ4uQ8f2A==
X-IPAS-Result: A2E0AAAHemtf/zCZrQpgGQEBAQEBAQEBAQEBAQEBAQEBARIBAQEBAQEBAQEBAQFAgU+DGiyBCAqVTiaDepgnBAcBAQEBAQEBAQEEBAEbFAQBAQKESQKCLCU4EwIDAQELAQEBBQEBAQEBBgMBAQEChkUMgjcpAXOBAwEBAQEBAQEBAQEBAQEBAQEBAQEWAkNVEgEBHQEBAQECAScgJwsFCwIBCBguAjAlAgQOBQ6DGAGCXBG3BnSBATODOIIbhQsQgTiBUwmLa4FCPoERJwwQgk0+glwCA4EzKBgngwyCLQSQBIpSgn2IVZELAweCZ4RHgl+BU5FcH4MMgSeIVJQCryODXAIEAgQFAhWBa4F7cBUaISoBgj4JNRIXAg2OKAIYiGKFQnQ3AgYKAQEDCYwZAi2BBjJfAQE
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Wed, 23 Sep 2020 12:40:41 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.1979.003; Wed, 23 Sep 2020 12:40:41 -0400
From: "Wessels, Duane" <dwessels@verisign.com>
To: Michael StJohns <msj@nthpermutation.com>
CC: dnsop <dnsop@ietf.org>, The IESG <iesg@ietf.org>, secdir <secdir@ietf.org>
Thread-Topic: [EXTERNAL] Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-zone-digest-10.txt
Thread-Index: AQHWkETTMQ8NU9ufI0qNlwpBjJp1Oql2sw8A
Date: Wed, 23 Sep 2020 16:40:40 +0000
Message-ID: <9C60879E-20A2-49BE-9712-CB52C5CCFD33@verisign.com>
References: <160071009516.32585.7690187581775122560@ietfa.amsl.com> <a96ab6c1-59e8-170b-2272-ba274fbcfc45@nthpermutation.com>
In-Reply-To: <a96ab6c1-59e8-170b-2272-ba274fbcfc45@nthpermutation.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.104.15)
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed; boundary="Apple-Mail=_7C924EEC-3ACE-427A-9E35-DFA907E55987"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/TDIHsVO54fKr9ckaNYz-tCN0kEs>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-dns-zone-digest-10.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Sep 2020 16:40:47 -0000

Mike & everyone,

Here's a response on behalf of the coauthors.

> On Sep 21, 2020, at 12:06 PM, Michael StJohns <msj@nthpermutation.com> wrote:
> 
> Adding IESG - I didn't realize it was in IESG evaluation.
> 
> I'm not sure why this version was posted as there is nothing on the datatracker that indicates there were IESG issues to be resolved.  There are several changes that were non-editorial that really shouldn't have been included without WG review.  2.2.4 is the one that I would have problems with the most.
> 
> Mike
> 
> 
> On 9/21/2020 2:26 PM, Michael StJohns wrote:
>> 1.4.4 - "has not been modified." -> "has not been modified between origination and retrieval."

That proposed addition is fine with us, but note that sentence is not new
and hasn't changed since Oct 2018.


>> 
>> 2.2.2 - "MUST be implemented" -> "SHOULD be implemented. Failure to implement this scheme without other standardized schemes being specified may result in a receiver being unable to validate the zone.  However, it is possible to use ZONEMD with a private scheme, and for that reason the requirement is set at "SHOULD"".

"and MUST be implemented" was added based on advice from the SECDIR review.
Previously there was no discussion of implementation requirements in this
section.  Our opinion is that MUST is appropriate here.

The suggestion to change from MUST to SHOULD just because there are private
code points seems strange.


>> 
>> 2.2.3 - "SHA384...that MUST be implemented." -> "SHA384 is the only mandatory hash algorithm currently defined for the SIMPLE scheme, and MUST be implemented if the SIMPLE scheme is implemented".


Language here probably depends on whether or not 2.2.2 needs changes.  Our
opinion is that "SHA384 MUST be implemented" is preferred and sufficient.

>> 
>> 2.2.4 - SHA384 has a hash length of 48 bytes.  12 bytes seems to imply some sort of left or right truncation.   Show stopper! Explain how this value was selected and how it interacts with the native length of the chosen hash. Note: I have no trouble with truncated hashes here, but no modern hash has less than 20 bytes so 12 seems to be a very strange number absent a discussion of truncated hashes.

I think you're referring to this changed sentence in 2.2.4, which was made
in response to the SECDIR review:

OLD: The Digest field MUST NOT be empty.

NEW: The Digest field MUST NOT be shorter than 12 octets.

We're not sure if you're referring to the idea that longer hashes could
be truncated.  We are not suggesting that.  2.2.3 also says:

  When SHA384 is used, the size of the Digest field is 48 octets.

and similarly for SHA512 at 64 octets.  Also there is a new paragraph in
4(5)(D) which says:

      D.  The Digest field size MUST be checked.  If the size of the
          given Digest field is smaller than 12 octets, or if the size
          is not equal to the size expected for the corresponding Hash
          Algorithm, verification MUST NOT be considered successful
          with this ZONEMD RR and the verifier SHOULD report that the
          RR's digest could not be verified to to an incorrect digest
          length.

I see for RFC 4509 (SHA-256 for DS RRs) says "The results of the digest
algorithm MUST NOT be truncated."  Are you suggesting the same language
for this draft?

On the other hand, if you're just wondering where 12 came from (versus
some other value), that was Donald's suggestion ("Typical minimum size for
such a field in IETF protocols seems to be 96 bits or 12 octets").


>> 
>> 3.1 - "It is RECOMMENDED...SOA". Add "However, the TTL of the ZONEMD record may be safely ignored during verification in all cases."

Okay.

>> 
>> 6.2 - *sigh* No.   Basically, this allows a zone that is done ZONEMD to push back on a parent zone that's doing key updates. (e.g. its not the keys in the zone being ZONEMD you're concerned about in this paragraph, but the keys in all of the parent zones).   Use *EXACTLY* the same model for ZONEMD that DNSSEC would use and with exactly the same implications for verification.   I'd delete this paragraph in its entirety.

This subsection below was added in response to Stephane Bortzmeyer's lastcall comments:

6.2.  DNSSESC Timing Considerations

  As with all DNSSEC signatures, the ability to perform signature
  validation of a ZONEMD record is limited in time.  If the DS
  record(s) or trust anchors for the zone to be verified are no longer
  available, the recipient cannot validate the ZONEMD RRSet.  This
  could happen even if the ZONEMD signature is still current (not
  expired), since the zone's DS record(s) may have been withdrawn
  following a KSK rollover.

  For zones where it may be important to validate a ZONEMD RRSet
  through its entire signature validity period, the zone operator
  should ensure that KSK rollover timing takes this into consideration.

All this says is that a zone that deploys ZONEMD may want to keep signature
validity periods of ZONEMD RRs in mind when thinking about a KSK rollover.

(Stephane's suggested text ended with "Verification must be timely" but
our opinion is that its better here to put the onus on the zone operator
to do the right thing if that is important to them.)

A signed zone with a ZONEMD RR will always contain the KSK and ZSK DNSKEY
RRs.  To build a chain of trust for validation, the application needs to
join the "offline" in-zone DNSSEC data with the "online" ancestor DNSSEC
data, and the link between those two is the zone's DS record.  If that DS
record is no longer there (due to a rollover) then validation could fail.
But parent zone rollover won't have any impact on whether or not the ZONEMD
zone's DS record is still there or not.

DW



>> 
>> Mike
>> 
>> 
>> On 9/21/2020 1:41 PM, internet-drafts@ietf.org wrote:
>>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>>> This draft is a work item of the Domain Name System Operations WG of the IETF.
>>> 
>>>         Title           : Message Digest for DNS Zones
>>>         Authors         : Duane Wessels
>>>                           Piet Barber
>>>                           Matt Weinberg
>>>                           Warren Kumari
>>>                           Wes Hardaker
>>>    Filename        : draft-ietf-dnsop-dns-zone-digest-10.txt
>>>    Pages           : 36
>>>    Date            : 2020-09-21
>>> 
>>> Abstract:
>>>    This document describes a protocol and new DNS Resource Record that
>>>    provides a cryptographic message digest over DNS zone data. The
>>>    ZONEMD Resource Record conveys the digest data in the zone itself.
>>>    When a zone publisher includes a ZONEMD record, recipients can verify
>>>    the zone contents for accuracy and completeness.  This provides
>>>    assurance that received zone data matches published data, regardless
>>>    of how the zone data has been transmitted and received.
>>> 
>>>    ZONEMD does not replace DNSSEC.  Whereas DNSSEC protects individual
>>>    RRSets (DNS data with fine granularity), ZONEMD protects a zone's
>>>    data as a whole, whether consumed by authoritative name servers,
>>>    recursive name servers, or any other applications.
>>> 
>>>    As specified herein, ZONEMD is impractical for large, dynamic zones
>>>    due to the time and resources required for digest calculation.
>>>    However, The ZONEMD record is extensible so that new digest schemes
>>>    may be added in the future to support large, dynamic zones.
>>> 
>>> 
>>> The IETF datatracker status page for this draft is:
>>> https://secure-web.cisco.com/1Bciq9FKQYC7LPRB_xc5DUd2eectN1vID6gMeVeUvZjsC9YJ6gR0Y1X9uKqk-E2hG-aupvQW-vJixykihX8foFWsEamul7uYumJ9pTn4rB2bsVFllxWQ6oZYcw-f-GGBMzQPdjAvKUr42B5YYlZeminoQpdGMpfzqiTPiIf6vU1SKSq5s3jVaTfKuVkN-_HpvmoKQdG4kF6OOW151OV2KBsWnc2bA5IPTjW5r7J0Sa5ZoOJQAIpSdds4gNXh5I2XQKsdKzVJHoHPYxO6RVeoHvQ/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-dnsop-dns-zone-digest%2F
>>> 
>>> There are also htmlized versions available at:
>>> https://secure-web.cisco.com/191c0vgh-YAcjBXWPCGyC3caoo2F3ilqCOrud8-TE4faxQzDDn4SgJj_5KNvmW1EazmC4NuCiiUsbyAdqYuFsa98WTDQXcDMgSv8pqeEoFb7dpJhdYd2FyraNlGPm4q7QPqIYYu5QalekRcQEy7n7nCVhgTXo0z-Xcu0PScviu0-Qc8HL0xPWtiXIzDZoPTycATAdOw3o-9NTa1QnZ8fFSeCxnAUmrQ93OmqhhLqh0nc7lPWU72oQl5JcLO3xhxSXyVbaYnClq4BUj1Bh_SFrffbcd3W-_0zt0bRg_SC2Kso/https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-dnsop-dns-zone-digest-10
>>> https://secure-web.cisco.com/1o_pTg6x9j3zM6iNdwzB7XFoHZ6jjmWxkJLq1l9p422P_QEAlIIFZ8bj2jPIBDZTVt9cWgyCpAad0tlIvbbHUhMygGbbFwLCwnh0c1x87jQB2jgb3haHbnik618V_d9SYC7678tVdYSxh0dvguXLVpiQKfAUuB-o5Ln8kucsB-4rCXNhcZlsLSfM3UeckZwgKkYmpDKI5s9qb830pu_sgsTf0ktpZmExbwFHQ-WhtaU75jhTVI3ysAgHF9IoaB86ehBCXAj9GWrAU0SbaKBV4uw/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-ietf-dnsop-dns-zone-digest-10 
>>> 
>>> A diff from the previous version is available at:
>>> https://secure-web.cisco.com/1HGjXQI_4iLK5f4sDQfn5qQ6z9HYWmDKDJO1dAqOTnP2QwJyb371KfblT4labrcqaQFw4KICgfJ0q7J8gdnsntJq08bJFPNI9rpKF3JSaDic8n1nVza2er1QT9kny4MsnhD8LphgKurPjREbcq95d8JMRk8hj8pJ82_rOYO9Yepfr-C2Yy4uDXpB4V5POETKnRoV6BTsBElgyIeQbIcHrDhuSFV9LaDWP-hbsnbWYJ5wlB9ln4s3d1czbYruB1gpg3VXKWnuk_pe9EhmCBlNa0VrMlKfrKPzkRCV9oL4IGow/https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-ietf-dnsop-dns-zone-digest-10
>>> 
>>> 
>>> Please note that it may take a couple of minutes from the time of submission
>>> until the htmlized version and diff are available at tools.ietf.org.
>>> 
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>> 
>>> 
>>> _______________________________________________
>>> DNSOP mailing list
>>> DNSOP@ietf.org
>>> https://secure-web.cisco.com/1hLFbYnvHqECH8cjYe-sOIimYA8qICY9J06FkQxqloKZx6DZXS2iEoYJbxUIedyflFr6PaoBHOv5dp0Bf9x0UVO7HHZUVo1bR5fAX3pzWitEO9Eo0rcl5hnrq5Q6Dd-xWSdMAPsO_H5PaOUNLPZvTCPJg6CeVPWDPJkDlQwMDNrFJNlGZfTcUIbUP7ucEsYZS5-k-kFrqKonOLi1gnxQH65clcnQe1tPS2Li9OeqEM7nZvQusi4KZQ3ytaibZjN34m7KqzVoPdnW35D_O4eRTudc6wDeXrzNLAn84Imv90do/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fdnsop
>> 
>> 
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://secure-web.cisco.com/1hLFbYnvHqECH8cjYe-sOIimYA8qICY9J06FkQxqloKZx6DZXS2iEoYJbxUIedyflFr6PaoBHOv5dp0Bf9x0UVO7HHZUVo1bR5fAX3pzWitEO9Eo0rcl5hnrq5Q6Dd-xWSdMAPsO_H5PaOUNLPZvTCPJg6CeVPWDPJkDlQwMDNrFJNlGZfTcUIbUP7ucEsYZS5-k-kFrqKonOLi1gnxQH65clcnQe1tPS2Li9OeqEM7nZvQusi4KZQ3ytaibZjN34m7KqzVoPdnW35D_O4eRTudc6wDeXrzNLAn84Imv90do/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fdnsop

v2.23.0 | Report a Bug | By Email