[DNSOP] Stupid thought: why not an additional DNSKEY record flag: NSEC* only...

Nicholas Weaver <nweaver@icsi.berkeley.edu> Wed, 04 January 2017 17:33 UTC

From: Nicholas Weaver <nweaver@icsi.berkeley.edu>
Message-Id: <FEDF56ED-D27D-44A7-8989-C8920BC6C1CE@icsi.berkeley.edu>
Date: Wed, 04 Jan 2017 09:33:04 -0800
To: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/f0gT-sSM-qqtW6aRzvY4xrDvJHQ>
Subject: [DNSOP] Stupid thought: why not an additional DNSKEY record flag: NSEC* only...

Any system which prevents zone enumeration requires online signing, https://www.cs.bu.edu/~goldbe/papers/nsec5faq.html

But NSEC5 is almost certainly not going to be adopted, simply because of the partial deployment problem.

NSEC3 lies work today, but people worry that, with NSEC3, a server compromise might compromise the ZSK.

So why not simply add a new DNSKEY record flag: NSEC3-only.  This flag means that the key in question can only be used to sign an NSEC* record when presenting NXDOMAIN.

This way, you can deploy this solution today using white lies, and as resolvers are updated, this reduces the potential negative consequence of a key compromise to “attacker can only fake an NXDOMAIN”, allowing everything else to still use offline signatures.

Combine with caching of the white lies to resist DOS attacks and you have a workable solution that prevents zone enumeration that is deployable today and has improved security (key can only fake NXDOMAIN) tomorrow.

--
Nicholas Weaver                  it is a tale, told by an idiot,
nweaver@icsi.berkeley.edu                full of sound and fury,
510-666-2903                                 .signifying nothing
PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
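The validator-side check that the proposed flag implies, written out as an added example that is not part of the post and not code from any DNS implementation. The ZONE, REVOKE and SEP bits and the key-tag computation are taken from RFC 4034 and RFC 5011; the NSEC-only bit, the value chosen for it, the sample key material and every function name are assumptions made for illustration. The block only decides which apex DNSKEY an RRSIG may be verified with; the cryptographic verification itself is assumed to happen afterwards in the existing validator. The `enforce_nsec_only=False` path shows why the scheme is deployable before resolvers are updated: RFC 4034 requires receivers to ignore unassigned flag bits, so a legacy resolver simply treats the online key as an ordinary ZSK.

```python
"""
Validator-side policy for a hypothetical "NSEC-only" DNSKEY flag.

Added example, not code from the post or from any DNS implementation.
ZONE, REVOKE and SEP bits and the key-tag algorithm come from RFC 4034 /
RFC 5011; the NSEC-only bit, its value, the sample keys and the function
names are assumptions made for illustration.
"""
import struct

# Assigned DNSKEY flag bits (RFC 4034 section 2.1.1, RFC 5011 section 2.1).
FLAG_ZONE = 0x0100    # bit 7: zone key
FLAG_REVOKE = 0x0080  # bit 8: key has been revoked
FLAG_SEP = 0x0001     # bit 15: secure entry point
# ASSUMPTION: bit 6 is not assigned by IANA; it stands in for the proposed
# flag. RFC 4034 says unassigned bits MUST be ignored on receipt, which is
# what lets a zone set it before resolvers understand it.
FLAG_NSEC_ONLY = 0x0200

# RR type codes (RFC 4034, RFC 5155).
TYPE_A, TYPE_NSEC, TYPE_DNSKEY, TYPE_NSEC3 = 1, 47, 48, 50
DENIAL_TYPES = {TYPE_NSEC, TYPE_NSEC3}
DNSSEC_PROTOCOL = 3
ALG_ED25519 = 15


def dnskey_rdata(flags, algorithm, public_key):
    """Wire-format DNSKEY RDATA: flags(2) protocol(1) algorithm(1) key."""
    return struct.pack("!HBB", flags, DNSSEC_PROTOCOL, algorithm) + public_key


def key_tag(rdata):
    """Key tag over the RDATA, RFC 4034 Appendix B (not the algorithm-1 variant)."""
    acc = 0
    for i, b in enumerate(rdata):
        acc += b if i & 1 else b << 8
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def parse_dnskey(rdata):
    flags, protocol, algorithm = struct.unpack("!HBB", rdata[:4])
    return {"flags": flags, "protocol": protocol, "algorithm": algorithm,
            "key_tag": key_tag(rdata)}


def signature_allowed(apex_dnskeys, rrsig_key_tag, rrsig_algorithm,
                      type_covered, enforce_nsec_only=True):
    """Decide whether an RRSIG may be verified with any of the apex DNSKEYs.

    Policy layer only: the cryptographic check is assumed to run afterwards
    with whichever key is accepted. Key tags can collide, so every matching
    key is tried. enforce_nsec_only=False mimics a resolver that predates
    the flag and ignores it. Returns (allowed, reason).
    """
    reasons = []
    for key in map(parse_dnskey, apex_dnskeys):
        if key["key_tag"] != rrsig_key_tag or key["algorithm"] != rrsig_algorithm:
            continue
        if key["protocol"] != DNSSEC_PROTOCOL:      # RFC 4034 section 2.1.2
            reasons.append("protocol field is not 3")
            continue
        if not key["flags"] & FLAG_ZONE:            # RFC 4034 section 2.1.1
            reasons.append("not a zone key")
            continue
        if key["flags"] & FLAG_REVOKE:              # RFC 5011 section 2.1
            reasons.append("key is revoked")
            continue
        if (enforce_nsec_only and key["flags"] & FLAG_NSEC_ONLY
                and type_covered not in DENIAL_TYPES):
            reasons.append("NSEC-only key used over type %d" % type_covered)
            continue
        return True, "ok"
    return False, "; ".join(reasons) or "no DNSKEY matches key tag and algorithm"


# Constructed sample key material: 32 arbitrary bytes each, standing in for
# Ed25519 public keys. These are not real keys.
KSK = dnskey_rdata(FLAG_ZONE | FLAG_SEP, ALG_ED25519, bytes(range(64, 96)))
OFFLINE_ZSK = dnskey_rdata(FLAG_ZONE, ALG_ED25519, bytes(range(32)))
ONLINE_DENIAL_KEY = dnskey_rdata(FLAG_ZONE | FLAG_NSEC_ONLY, ALG_ED25519,
                                 bytes(range(32, 64)))
APEX_DNSKEYS = [KSK, OFFLINE_ZSK, ONLINE_DENIAL_KEY]


def demo():
    """What a compromise of the online (NSEC-only) key can and cannot forge."""
    online = key_tag(ONLINE_DENIAL_KEY)
    results = {
        "online key over NSEC (white lie)":
            signature_allowed(APEX_DNSKEYS, online, ALG_ED25519, TYPE_NSEC),
        "online key over A (forged answer)":
            signature_allowed(APEX_DNSKEYS, online, ALG_ED25519, TYPE_A),
        "same A forgery at a legacy resolver":
            signature_allowed(APEX_DNSKEYS, online, ALG_ED25519, TYPE_A,
                              enforce_nsec_only=False),
        "offline ZSK over A":
            signature_allowed(APEX_DNSKEYS, key_tag(OFFLINE_ZSK), ALG_ED25519, TYPE_A),
    }
    for label, (ok, why) in results.items():
        print("%-40s %s (%s)" % (label, "accept" if ok else "reject", why))
    return results


if __name__ == "__main__":
    demo()
```

Note that the check is keyed on the RRSIG's Type Covered field rather than on the RCODE of the response: an NSEC or NSEC3 signed by the restricted key also turns up in NODATA answers, and tying the policy to the record type is what a validator can enforce locally without trusting the server's RCODE.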