IETF Logo Mail Archive

Re: draft-arends-dnsnr-00

Roy Arends <roy@dnss.ec> Mon, 26 July 2004 10:34 UTC

From: Roy Arends <roy@dnss.ec>
Subject: Re: draft-arends-dnsnr-00
Date: Mon, 26 Jul 2004 12:34:22 +0200
Lines: 68
Sender: owner-namedroppers@ops.ietf.org
References: <Pine.BSO.4.56.0407121709550.12231@trinitario.schlyter.se> <20040726094709.1ddf51a9.olaf@ripe.net> <Pine.BSO.4.56.0407260955500.10269@trinitario.schlyter.se> <4104D30E.50709@algroup.co.uk>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Cc: namedroppers@ops.ietf.org
X-From: owner-namedroppers@ops.ietf.org Mon Jul 26 12:43:42 2004
Return-path: <owner-namedroppers@ops.ietf.org>
X-X-Sender: roy@trinitario.schlyter.se
To: Ben Laurie <ben@algroup.co.uk>
In-Reply-To: <4104D30E.50709@algroup.co.uk>
Precedence: bulk
X-Message-ID:
Message-ID: <20140418071904.2560.99133.ARCHIVE@ietfa.amsl.com>

On Mon, 26 Jul 2004, Ben Laurie wrote:

> I do not propose that NSEC2 should _replace_ NSEC, I propose that an
> operator can choose which of the two record types is supported.

I understand that. But both record types exist in different versions of
DNSSEC. To avoid switching back to previous versions of DNSSEC I included
bw compatibility. I would not encourage retaining NSEC and NSECX in a
single version of DNSSEC.

> > NSEC3 does not 'flatten' empty-non-terminals, where-as NSEC2 emulates
> > empty non-terminals with an extra EXIST record type. This is because NSEC3
> > hashes individual labels, where NSEC2 hashes owner-names.
>
> I am not wedded to the idea that the whole owner name should be hashed,
> but there are at least two considerations here:
>
> a) Hashing individual labels will make the records _much_ bigger.
>
> b) EXIST is only needed if the zone is more than one name deep (i.e.
> names within the zone contain dots), which strikes me as a rare situation.

The tradeoff is as follows:

For one label deep, both proposals have the same cost. NSEC3 hashes one
label, NSEC2 uses a single hash.

For the 'rare situation' of more labels deep, NSEC3 has a larger ownername
due to multiple hashes, while NSEC2 has additional EXIST, RRSIG(EXIST),
NSEC2, RRSIG(NSEC2).

The thing to consider is that with NSEC2, empty-non-terminals disappear
and are now emulated by EXIST records (which are non-empty).

I won't use the hash-truncation argument, since it is presumed
controversial, and can be applied to both proposals.

> > NSEC3 does not include 'hash-iterations' since the gain in obscuring does
> > not outweigh the additional cost in authoritative nameservers.
>
> Of course, you can set it to 1 in NSEC2 if you believe this.

If an authoritative nameserver receives a query for a non-existent name,
it has to iterate the hash function on the QNAME until it can include the
overlapping NSEC2, right ? To me, that is a DoS factor.

> > In general, the purpose of both records are the same: increase the cost of
> > zone-enumeration.
> >
> > NSEC3 has NSEC2 properties. Additionally it is bw compatible with NSEC,
> > allows OPT-IN and does not need extra records like NSECINFO and EXIST.
>
> NSECINFO does not appear in NSEC2-01.

That is an improvement, but from the abstract of NSEC2-01:

   This document proposes an alternate scheme which hides owner names
   while permitting authenticated denial of existence of non-existent
   names.  The scheme uses three new RR types: NSECINFO, NSEC2 and
   EXIST.

Roy

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

v2.23.0 | Report a Bug | By Email