Re: [dnsext] NSEC4
Ben Laurie <ben@links.org> Wed, 04 January 2012 12:36 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEA5A21F864B; Wed, 4 Jan 2012 04:36:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1325680596; bh=fnlyWPssT0yyK8QXKcMSzbz8i9F7zR1Yo/Vx4HouizI=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:From:To:Cc: Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:List-Help: List-Subscribe:Content-Type:Content-Transfer-Encoding:Sender; b=e9CUO0/mdRIrutglAm0PcwJYPQPh7F161YHSvdycOQjqWf8G/Zore4z0aGSsqdTIR hLFtz8RaNIgdNMViM0bcfWVzZSBwbXsh31LdZ5YrpTng8SrGdakdR8Y1/pf2EWz83m EAPxgCTusS7kTcNbZK0QsUBNM9FI3ldupGpYtcHg=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41A2121F864B for <dnsext@ietfa.amsl.com>; Wed, 4 Jan 2012 04:36:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.677
X-Spam-Level:
X-Spam-Status: No, score=-2.677 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_41=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X4KpWD0FAQEw for <dnsext@ietfa.amsl.com>; Wed, 4 Jan 2012 04:36:34 -0800 (PST)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 7359521F8638 for <dnsext@ietf.org>; Wed, 4 Jan 2012 04:36:34 -0800 (PST)
Received: by vcbfk13 with SMTP id fk13so14583020vcb.31 for <dnsext@ietf.org>; Wed, 04 Jan 2012 04:36:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=FM5vx1co8ya7kHkHf8kBr/Y0O2kWAaSTUr1naU+Bx7A=; b=Zlhl1SMrccbQUYcuk4i68CGeJlhWEvRMNh6LpVPJJyOEATz4LYGSyn1D+6iue+Sre9 AJ4gzslHRDB4w6ZNsJ0yo5l3UDwJ2/uvTLuBEaFpbJnmLp0MR55du5pG5DUJ5CvdERVj qCyEoV5mSqppF5zXVYSsCsJZiHlUeAXmwe2SQ=
MIME-Version: 1.0
Received: by 10.52.94.148 with SMTP id dc20mr26488083vdb.109.1325680593962; Wed, 04 Jan 2012 04:36:33 -0800 (PST)
Received: by 10.52.28.171 with HTTP; Wed, 4 Jan 2012 04:36:33 -0800 (PST)
In-Reply-To: <4F044713.8060504@nlnetlabs.nl>
References: <20120104092946.GA4199@miek.nl> <CAG5KPzw9REek_5P0yPnuY4G-taX__haiMnakupo7XgeRhLd5JQ@mail.gmail.com> <4F044713.8060504@nlnetlabs.nl>
Date: Wed, 04 Jan 2012 12:36:33 +0000
X-Google-Sender-Auth: AwAfjMp9bJP9mTz0KasMsLkAHME
Message-ID: <CAG5KPzyyEe3o_+Psnf7qKjexqas2Jb1on=xaKqv-RyhaA3==Uw@mail.gmail.com>
From: Ben Laurie <ben@links.org>
To: Matthijs Mekking <matthijs@nlnetlabs.nl>
Cc: dnsext list <dnsext@ietf.org>
Subject: Re: [dnsext] NSEC4
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
On Wed, Jan 4, 2012 at 12:33 PM, Matthijs Mekking <matthijs@nlnetlabs.nl> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi Ben, > > Thanks for your response. > > On 01/04/2012 12:26 PM, Ben Laurie wrote: >> On Wed, Jan 4, 2012 at 9:29 AM, Miek Gieben <miek@miek.nl> wrote: >>> Dear dnsext, >>> >>> We have written down a little experiment that we have performed, called NSEC4. >>> The goal of the experiment was to optimize denial of existence records. >>> It is not our intention to standardize this, as we are aware of the backwards >>> compatibility issues this has with the current DNSSEC family RFCs, and we do >>> not want to discomfort the ongoing DNSSEC deployment. >>> >>> However, we do want to document this to archive the insights we have gained >>> by doing this experiment. Therefor, we have submitted the following draft: >>> >>> http://www.ietf.org/id/draft-gieben-nsec4-00.txt >>> >>> This experiment resolves two things: >>> * Reduces the size of the denial of existence response; >>> * Adds Opt-Out to un-hashed names. >>> >>> We would be grateful if you would like to read this. >>> >>> Our question is what is the best place to archive this? Re-reading RFC 2026, >>> we are considering to put this on the experimental non-standards track. >>> >>> Thoughts? >> >> Cute. One minor quibble: in 3.2 you say that if the hash algorithm is >> 0, then Salt Length MUST be ignored. Strictly speaking, if it is >> ignored, then the Salt field cannot be ignored (since you don't know >> how long it is). :-) > > A quibble, but indeed. > >> On that note, you could save 4 bytes by omitting those fields in this case. >> >> A more major observation: when the hash alg is 0 you specify that >> domain names are sorted in canonical order (6.1. step 7 and presumably >> elsewhere). Clearly this cannot be required to make the algorithm >> work, or it would fail when hashing was used. So, either this is >> suspicious, in that it suggests a weakness in the protocol, or you >> could make the protocol simpler by always sorting in byte order. > > My apologies, I fail to see what the problem is. If "no hash" is used, > we can order the NSEC4s in canonical order, just like NSEC. If hashing > is used, we order them in hash order, like NSEC3. In both cases you make > a usable linked-list. I guess my confusion is about: > > ... when the hash alg is 0 you ... > work, or it would fail when hashing was used. > > But when hash alg is 0, that implies that hashing cannot be used. Sure. But my point is that the order is arbitrary, therefore you can use the same ordering regardless of whether hashing is used or not. > > Step 7 of the sign algorithm in Section 6.1 says: > > 7. Sort the set of NSEC4 RRs into hash order or canonical order, > depending on the value of the hash algorithm; > > Maybe we have to clarify that canonical order is only for algorithm > number is 0? > >> Note that the canonical sort is vital to NSEC: it is what keeps the >> proof down to 2 records instead of 3 (hence the reason this might be >> suspicious). > > Yes, because you can always the closest encloser from the NSEC RRs. With > hashing that is not possible. > > Best regards, > Matthijs > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEcBAEBAgAGBQJPBEcTAAoJEA8yVCPsQCW5+T4H/jRGxj456YibwPfBQL5gsr/F > Ty+cP1Xsq2XhfCsshAEm3q8lB1ezSkW53/6XkuXAWXcjy6If854bCkbMx0qepNoV > FYhnS8DWgkHQZH/d3SeWkg9fko9e7JLjM74Joa8is3MpJb07J8lmuMNPFzT2eFqQ > um1jJIo2JJgDcBv39dS/mIlzDO6gCE0RwkhyQDOYmjL37JaNd+QH1vPBC37/UOzU > MmsY2l1IWwWpsgTgxO0elRTlavvHu0xYncn5M/vvsEeC9YvD6pEhJyTZlpp2DFN/ > SfITazW1ZrlqZlVozoEBJDAbgfXss6iYdzM05smgoR+KGfJndRRJAlO/toB67mU= > =sxGe > -----END PGP SIGNATURE----- _______________________________________________ dnsext mailing list dnsext@ietf.org https://www.ietf.org/mailman/listinfo/dnsext
- [dnsext] NSEC4 Miek Gieben
- Re: [dnsext] NSEC4 Roy Arends
- Re: [dnsext] NSEC4 Matthijs Mekking
- Re: [dnsext] NSEC4 Ben Laurie
- Re: [dnsext] NSEC4 Andrew Sullivan
- Re: [dnsext] NSEC4 Matthijs Mekking
- Re: [dnsext] NSEC4 Ben Laurie
- Re: [dnsext] NSEC4 Blacka, David
- Re: [dnsext] NSEC4 Miek Gieben
- Re: [dnsext] NSEC4 Alex Bligh
- Re: [dnsext] NSEC4 Miek Gieben