Re: [DNSOP] new dnsop related draft: RFC5011 security considerations
Wes Hardaker <wjhns1@hardakers.net> Wed, 03 August 2016 17:38 UTC
Return-Path: <wjhns1@hardakers.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6A9112B01E for <dnsop@ietfa.amsl.com>; Wed, 3 Aug 2016 10:38:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.488
X-Spam-Level:
X-Spam-Status: No, score=-5.488 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rgwyfh6THuZG for <dnsop@ietfa.amsl.com>; Wed, 3 Aug 2016 10:38:10 -0700 (PDT)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.236.43]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4557012D798 for <dnsop@ietf.org>; Wed, 3 Aug 2016 10:38:10 -0700 (PDT)
Received: from localhost (50-1-20-198.dsl.static.fusionbroadband.com [50.1.20.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.hardakers.net (Postfix) with ESMTPSA id 15713261A0; Wed, 3 Aug 2016 10:38:06 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Matthijs Mekking <matthijs@pletterpet.nl>
References: <0lfuqoqhd7.fsf@wjh.hardakers.net> <99f615b9-15e6-d034-3926-83e273df6870@pletterpet.nl>
Date: Wed, 03 Aug 2016 10:38:05 -0700
In-Reply-To: <99f615b9-15e6-d034-3926-83e273df6870@pletterpet.nl> (Matthijs Mekking's message of "Wed, 3 Aug 2016 14:44:31 +0200")
Message-ID: <0lvazhhhxe.fsf@wjh.hardakers.net>
User-Agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/UQH-GPOcpUVEfsgY0j_X0gYZqdc>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] new dnsop related draft: RFC5011 security considerations
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2016 17:38:17 -0000
Matthijs Mekking <matthijs@pletterpet.nl> writes: > 1. In the introduction you mention there is no guidance to how long a > DNSKEY must be published before it can be considered accepted. Perhaps > there is no implicit guidance in RFC 5011, you should be able to derive > it from the timing parameters defined in that document. I believe one can derive it, hence the reason we titled the draft "security considerations". IE, it's not the intent of the draft to create anything new, just to more clearly document what is already true (but misunderstood by most). > In fact, it has been done before and RFC 7583 (DNSSEC Key Rollover > Timing Considerations) gives guidance on exactly this in Section > 3.3.4. I need to study that document again (it's been a while) in order to fully respond to your note, but I agree there is information in there that is certainly relevant. And we should certainly add a reference to it as well, if this document needs to go forward. In 3.3.4.1, we have: modifiedQueryInterval = MAX(1hr, MIN(15 days, TTLkey / 2)) Itrp >= AddHoldDownTime + 2 * modifiedQueryInterval And in our document, I just realized, fails to define the "safe" equation that we came up with. But our safe value came out to be: Itrp >= AddHoldDownTime + 3 * SignatureLife / 2 + 2 * TTLkey We'll go add that equation into our document (which I was sure we had put in, but apparently not) and republish shortly. > 2. The outlined attack is possible because the defined queryInterval is > approximately done at the half of the RRSIG expiration interval. If the > queryInterval was to be increased that it would be at most the full > expiration interval, the replay attack cannot be successfully executed. > While this makes the DNSKEY rollover duration even longer, it is now > secured against the outlined attack. I don't think we need to modify 5011 itself. Just how to use it. -- Wes Hardaker Parsons
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Shane Kerr
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Matthijs Mekking
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Warren Kumari
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Michael StJohns
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Wes Hardaker
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Wes Hardaker
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Wes Hardaker
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Matthijs Mekking
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Matthijs Mekking
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Wes Hardaker
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Bob Harold
- Re: [DNSOP] new dnsop related draft: RFC5011 secu… Wessels, Duane
- [DNSOP] new dnsop related draft: RFC5011 security… Wes Hardaker