[DNSOP] Re: [Ext] Request: Review changes - draft-ietf-dnsop-rfc7958bis-03 → 04.
Warren Kumari <warren@kumari.net> Tue, 27 August 2024 23:46 UTC
Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC95EC18DBAD for <dnsop@ietfa.amsl.com>; Tue, 27 Aug 2024 16:46:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NANUXcx06P2O for <dnsop@ietfa.amsl.com>; Tue, 27 Aug 2024 16:46:50 -0700 (PDT)
Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F6C1C151522 for <dnsop@ietf.org>; Tue, 27 Aug 2024 16:46:49 -0700 (PDT)
Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-5becd359800so6773860a12.0 for <dnsop@ietf.org>; Tue, 27 Aug 2024 16:46:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari.net; s=google; t=1724802408; x=1725407208; darn=ietf.org; h=cc:to:subject:message-id:date:references:in-reply-to:from :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=uI9UIcnMw0o+zPxD5ORpkwsRd28Rq/alMeJyiKRyuY4=; b=O3nBaCaH+lUx4uug8J9f5Px0hREFHrxzNShG5wDcQ8MMna7knuXJVYJlIv2Bj8OyME 1O98BK8MetZbFIpB1SaH9zo2N1qYWe05cg07kh1OBjlIsW8tE4e1jpZz3Cu459QFly61 2/u9G6wnBObqBtjI4macmHniM67aS2zcwq46lAZ0zgcLmmRXkuDmdv4ZylZzYlk6odFh 8XHkuTxI2JIfjbBZefAxBQEEDpdENA8S3+8aaCREUfJKfL2AgxSIQ93gGMCa2IXqJTkG xTK9WnEhR2VZgM1BcnZbYHZEX9DfHz+JDun5Ur1nbYrxsX8ZeErMrvCJxiPR49Etjtnv zWaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1724802408; x=1725407208; h=cc:to:subject:message-id:date:references:in-reply-to:from :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=uI9UIcnMw0o+zPxD5ORpkwsRd28Rq/alMeJyiKRyuY4=; b=ojE6uZo64E/VoyXrpz9kDG1bVZoaa553Uw9C6jjaCv47VqH/stouP4jmMRxA0We5+b UtnXKYFtg5sxichS6zW6y0m1CviymyIcERej94wADmd/uvPtW7Gzh/HA8nWAsr+N0gjb B+iuvngpgg4LMFnS0Zlxi0RnPeyWyHPlYDeSmRAqxzTg4m1SHKomX9+T6WqEZztZj1o4 1FwLcjgHS0jxIG3sE6ZBox9+p1a3bjtATmjXZMRz0X3BsPn5SZv9zGA6qWu65AKvnOGy JNRu4okWb8LXE8K6su0CRlEG683nJfCEE6lc9G0IdvK6T6CWtkyCk4Wl2Dj//rZo2cQR LXyw==
X-Forwarded-Encrypted: i=1; AJvYcCVLVTKYYFwM024eTvsVWw10G5NxryZA9VJbYw/HoeOwyMHBQKJhe8cXePRaTknOrcsg07Mb4g==@ietf.org
X-Gm-Message-State: AOJu0Yyb1epK867wC6MZ2LPiEwrww8QblWHUe+0BLTOEoMkIZxfR79RB qTLdHUg7gqdnotijIuRubpbhL4g15BhhK2hYHHt8VD2o25jgPsT0cZqvdK5LPwitQhgI98aHfDk 3Nei4eYU31dR9iNEjUMWAx6zB/SZXxY8gqD8Uo/IuYIKmvWhQ
X-Google-Smtp-Source: AGHT+IF0KcLgAgbz7ZVOFWxCK0hT9Wbs346qYaoWfPsORbEvLvI07315Vw2btqc+l8nTXObDHDJpXB6kYe3KEdACzUQ=
X-Received: by 2002:a05:6402:3709:b0:5be:e01c:6b5e with SMTP id 4fb4d7f45d1cf-5c214c62bf7mr158442a12.35.1724802407999; Tue, 27 Aug 2024 16:46:47 -0700 (PDT)
Received: from 649336022844 named unknown by gmailapi.google.com with HTTPREST; Tue, 27 Aug 2024 16:46:46 -0700
Mime-Version: 1.0
X-Mailer: Superhuman Desktop (2024-08-27T20:29:50Z)
X-Superhuman-ID: m0d2t2bt.38e63afc-a6dc-4b46-aecb-6ba98e75d154
X-Superhuman-Draft-ID: draft005950a46816d8a9
From: Warren Kumari <warren@kumari.net>
In-Reply-To: <cb326dc1-cee9-4369-9cb4-7ffc314e0eb3@isc.org>
References: <CAHw9_iL-ZwwA_pckR+=7SndOvqjfcNX9FjZ9Bim24uSYgTxkyw@mail.gmail.com> <98896B9D-259E-4E46-8DC7-E873D8B25F55@icann.org> <d9aed09d-b1c8-4ba1-9d4e-e83d504bfe40@nthpermutation.com> <65A596AD-1A4F-400A-9404-E2D60A54BE66@icann.org> <36118f44-d18d-443b-8aa8-007b8b62db3f@nthpermutation.com> <49523BCB-7747-44A2-97FA-8F46B238B4E0@icann.org> <cb326dc1-cee9-4369-9cb4-7ffc314e0eb3@isc.org>
Date: Tue, 27 Aug 2024 16:46:46 -0700
Message-ID: <CAHw9_iJ_xpJ4_WOPqkP6XjahiS01czO3=8fiAZbjUwTop7_zBA@mail.gmail.com>
To: Petr Špaček <pspacek@isc.org>
Content-Type: multipart/alternative; boundary="000000000000d646840620b2da0f"
Message-ID-Hash: LJ45GXE6FODK4VM6TQCL74ISXFEMFORP
X-Message-ID-Hash: LJ45GXE6FODK4VM6TQCL74ISXFEMFORP
X-MailFrom: warren@kumari.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Paul Hoffman <paul.hoffman@icann.org>, dnsop@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [DNSOP] Re: [Ext] Request: Review changes - draft-ietf-dnsop-rfc7958bis-03 → 04.
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/V2pRXasNDZesJmozossWoO-ewkU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>
On Mon, Aug 26, 2024 at 11:51 AM, Petr Špaček <pspacek@isc.org> wrote: > Hi everyone, > > > Hi everyone! Thank you very much for your comments. We've had some discussions, and the authors will be publishing a new version in the next few days addressing these. In addition, I will be deferring the IESG Evaluation / Balloting from this telechat/cycle to the following one. I would really like to get this published soon (so that the IANA can use it), but the document will benefit from some more clarity / polish. Thank you all very much again, Warren. I'm responding only to Paul's reaction to my previous comments. > > I don't want discuss IANA operational procedures here so I tried to focus > on the XML and it's consumers. > > On 21. 08. 24 0:20, Paul Hoffman wrote: > > On Aug 10, 2024, at 08:21, Michael StJohns <msj@nthpermutation.com> > wrote: > > On 8/9/2024 5:09 PM, Paul Hoffman wrote: > > On Aug 9, 2024, at 12:16, Michael StJohns <msj@nthpermutation.com> wrote: > > On Aug 15, 2024, at 02:43, Petr Špaček <pspacek@isc.org> wrote: > > I've re-reviewed the -04 version. It addresses the major problem of the > format - the inability to represent some DNSSEC TAs. > > -04 changes resulted in some omissions in the new text, see below. > > 2.3. XML Example > > Between versions -03 and -04 we have lost text with explicit instructions > how to reconstruct text representation of DS and DNSKEY. I'm fine with > doing it in the new section 2.3 but there are two omissions in the -04 > text: > > A. > Missing example of DNSKEY RR reconstruction. It was formerly present in > the draft -03 section 2.4. Most notably -04 text is missing instruction > about DNSKEY "Protocol" field which is not represented in the XML. > > I think it needs a reference to RFC 4034 section 2.1.2 and an unambiguous > instruction that constant "3" needs to be put in place of the Protocol > field of the DNSKEY RR under (re)construction. > > B. > Missing instruction about implicit class "IN". RFC 4034 defined all RR > types as class-independent. I think it's fine to say "add constant 'IN' and > be done with this", but I'm not aware of any RFC which would say that > non-IN classes are not to be ever used. > > I'm not understanding the threat model here. Are you saying that there > might be validating resolvers who need a properly formatted DNSKEY record, > but don't know how to put one together using the publickeyinfo? People > wanted the document to be simpler, so we took out what was basically a > restatement of RFC 4034. > > I did not mean to imply any security threat. > > It's simply that reader of the document cannot immediately see why certain > fields of DNSKEY are not defined in the XML and their values have to be > pulled out of thin air with no explicit instructions. > > Having said that, I agree with you that a reader of the document who knows > DNSSEC lore can fill in these two fields without any real risk. > > I think it's wrong to leave things undefined in a document defining an > interoperable file format but I don't insist on these two nits. > > C. > Besides these two protocol omissions I think it would be good to expand > the example to cover corner case created by optional publickeyinfo > elements. > > I would recommend to base the 2.3 XML example section on the current > version of http://data.iana.org/root-anchors/root-anchors.xml _with > DNSKEY added_ for the 20326 keytag. > > I.e. we would show three KeyDigest elements: > - 19036 which is expired (validUntil in the past) > - 20326 which is currently valid and also contains (PublicKey, Flags) > - 38696 which is also valid but does NOT contain (PublicKey, Flags) > > Is this important enough for us to have to do a new draft? > > See below. I think it is. > > Then the text should show how to reconstruct: > - DS set with two valid DSes (20326, 38696) > - DNSKEY set with just one DNSKEY (20326 only because material for 38696 > is missing) > > Again, I'm not seeing the value to restating RFC 4034 here. > > Sorry but no, this has nothing to do with RFC 4034. It's limitation of the > proposed XML format which has an optional field. That optional feature > makes the format internally inconsistent for different groups of readers - > depending on whether the reader implementation looks at Digest or > publickeyinfo elements. > > ... and say that the relying party needs to deal with this discrepancy > between DS and DNSKEY sets. > > We already have that in the Security Considerations. > > I can't see any words about DS vs. DNSKEY set mismatch in the current > Security Considerations section. Are they somewhere else I could not find > them? > > Personally I still think it's a mistake to make publickeyinfo optional but > with the current safeguards in place (last paragraph of sect 3.2) I'm > hesitantly okay with leaving it optional. > > If we make it mandatory, then the current trust anchor file, and all > previous trust anchor files, are invalid. We thought it was better to keep > them valid. > > I don't think it's an useful goal. Allow me to explain: > > - Old versions of existing software either: > a) deal with the extended format > b) or will break when the optinal publickeyinfo is actually present. > That's same no matter if publickeyinfo is optional or not. > > - IANA is reportedly eager to have the new format published ASAP. It > implies the time window where a new versions of the software can see an old > version of the file is probably very small. Consequently, new software can > rely on the new parser for all new XML files. > > - Old files are by definition (semantically) problematic for relying > parties - nobody should be using an old XML if they are setting up trust > anchors! It just does not make sense security-wise. I would call it a > feature that new software will refuse to work with an obsolete TA > definition! > > - The only remaining use-case I can see then are researchers looking at > historical XMLs. I would say the number of XML files through history is so > low that it's not worth worrying about. > > In other words: > I would recommend making publickeyinfo mandatory which removes nasty > corner cases discussed above (and below). > > Or if making it mandatory is not an option then please add warnings and an > example to the text to attract attention to the inherent DS vs. DNSKEY set > inconsistency. > > 5. IANA Considerations > > I wonder if this section needs some words about how to handle REVOKE flag > and similar DS-hash-affecting situations. Setting REVOKE flag on a (former) > TA will change its DS hash. This means that a relying party which stored > just the DS RR cannot match pre-REVOKEd and post-REVOKEd DS. > > Maybe IANA should have an instruction to NOT include REVOKEd TAs in the > file at all? Or maybe IANA should included only the pre-REVOKEd DS hash > with validUntil set to the past? > > This mess is partially a consequence of the former refusal to assign any > meaning to KeyDigest.id <http://keydigest.id/> elements so the relying > parties have a new guesswork to do when matching old and new trust anchors, > but I gather this was already discussed (and refused to change) on the > mailing list... So let's not open that question again and deal only with > the consequences. > > I'm not sure what to do about this. > > IANA is aware of all of these choices, and I think it is reasonable to let > them decide. If you want to have them think more about this, they have the > public mailing list for input. > > Fair enough, let's not prescribe operational mechanics for IANA. > > Maybe we can add a paragraph roughly like this into Security > Considerations? > > --- > Relying parties need to implement TA matching very carefully. A single TA > represented by a KeyDigest element can potentially change its Digest and > KeyTag values between two versions of the TA XML, e.g. when key is revoked > or another DNSSEC flag changes. Relying parties which fail to take this > property into account are at risk of using incorrect TA set. > --- > > If the format keeps publickeyinfo element as optional then another > paragraph is in order. E.g.: > --- > Relying parties which depend on the optional publickeyinfo element are at > risk of not seeing TAs published without this optional element. > Consequently different parties who ingest the same XML at the same time can > produce different set of trust anchors. > --- > If the publickeyinfo element is mandatory this problem goes away and we > don't need to talk about it here. > > I hope it helps. > > -- > Petr Špaček > Internet Systems Consortium > > _______________________________________________ > DNSOP mailing list -- dnsop@ietf.org > To unsubscribe send an email to dnsop-leave@ietf.org >
- [DNSOP] Request: Review changes - draft-ietf-dnso… Warren Kumari
- [DNSOP] Re: [Ext] Request: Review changes - draft… Paul Hoffman
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Paul Hoffman
- [DNSOP] Re: [Ext] Re: Request: Review changes - d… Paul Hoffman
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: Request: Review changes - draft-ietf-… Andres Pavez
- [DNSOP] Re: [Ext] Request: Review changes - draft… Petr Špaček
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Petr Špaček
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Peter Thomassen
- [DNSOP] Re: [Ext] Request: Review changes - draft… Paul Hoffman
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Edward Lewis
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Warren Kumari
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Edward Lewis
- [DNSOP] Re: [Ext] Request: Review changes - draft… Petr Špaček
- [DNSOP] Re: [Ext] Request: Review changes - draft… Warren Kumari
- [DNSOP] Re: [Ext] Request: Review changes - draft… Paul Hoffman
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns
- [DNSOP] Re: [Ext] Request: Review changes - draft… Warren Kumari
- [DNSOP] Re: [Ext] Request: Review changes - draft… Michael StJohns