Re: XQID (Re: Forgery Resistance phase #2 )

Jelte Jansen <jelte@NLnetLabs.nl> Wed, 30 July 2008 19:36 UTC

Message-ID: <4890C0E3.406@NLnetLabs.nl>
Date: Wed, 30 Jul 2008 21:28:35 +0200
From: Jelte Jansen <jelte@NLnetLabs.nl>
To: Paul Vixie <vixie@isc.org>
Cc: namedroppers@ops.ietf.org
Subject: Re: XQID (Re: Forgery Resistance phase #2 )
References: <200807281555.m6SFsxAO021711@stora.ogud.com> <027b01c8f17e$f99b0a80$ecd11f80$@com> <1135.1217352731@nsa.vix.com> <4890AE49.7040006@NLnetLabs.nl> <71458.1217444406@nsa.vix.com>
In-Reply-To: <71458.1217444406@nsa.vix.com>


Paul Vixie wrote:
>
> though i'm beginning to realize that the
> requirement should be phrased as "each query transaction must be protected
> by XYZ bits of high quality random entropy, which can be reached using any
> combination of udp port number, query ID, DNS 0x20 bits, PING, or repeated
> queries".  XYZ is probably about 50 if we want to rule out guessing
> attacks.
> 

I'm actually not too sure of whether a 'mix and match to your heart's
content' approach is what we should be trying to achieve here. Although
that might make debugging problems so insanely difficult that switching
to DNSSEC will be a relief :)

I do have two questions that probably go for all the add-entropy proposals:

1. Do all recursive servers even have access to enough entropy? This
might not be a problem at all, or extra entropy could be arranged for
busy ones, but it might be worth thinking about in advance. For that
matter, what about DoS attacks where the entropy pool itself is
attacked, is that possible? What would happen then?

2. Is it feasible to require (as a deployment consideration or
otherwise) that in setups where there might be multiple implementations
pretending to be one server, all implementations should have the exact
same feature set? Would we even want that?

Jelte

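As an added illustration (not part of this thread or of any resolver's code), a small entropy-budget calculator that applies the "XYZ bits from any combination of sources" framing quoted above. The per-source bit values, the 50-bit threshold taken from the message, and the assumption that repeated queries multiply the attacker's work are all assumptions for illustration; the configuration and qname are constructed.

```python
import math
import string

REQUIRED_BITS = 50  # the "probably about 50" figure from the thread (assumption)


def port_bits(low, high):
    """Entropy from a randomised UDP source port drawn uniformly from [low, high]."""
    n = high - low + 1
    return 0.0 if n <= 1 else math.log2(n)


def qid_bits(randomised):
    """The 16-bit query ID only counts if it is actually unpredictable."""
    return 16.0 if randomised else 0.0


def dns0x20_bits(qname):
    """DNS 0x20: each ASCII letter in the qname can be case-flipped, one bit each."""
    return float(sum(1 for c in qname if c in string.ascii_letters))


def transaction_bits(qname, port_range=(1024, 65535), qid_random=True,
                     use_0x20=False, repeats=1):
    """Combined entropy a forger must match for one query transaction.

    A spoofed answer must match port, QID and qname case at once, so the
    per-query contributions add.  Requiring `repeats` independent queries to
    agree multiplies the work, so the bit count is multiplied (assumption: a
    guess cannot be reused across the repeated queries).
    """
    per_query = port_bits(*port_range) + qid_bits(qid_random)
    if use_0x20:
        per_query += dns0x20_bits(qname)
    return per_query * max(1, repeats)


def meets_requirement(qname, **cfg):
    """Return (ok, bits): whether the configured sources reach REQUIRED_BITS."""
    bits = transaction_bits(qname, **cfg)
    return bits >= REQUIRED_BITS, round(bits, 2)


if __name__ == "__main__":
    # Constructed configurations: port + QID alone, then adding 0x20, then repeats.
    for cfg in ({}, {"use_0x20": True}, {"use_0x20": True, "repeats": 2}):
        print(cfg, meets_requirement("www.example.com", **cfg))
```

A fixed source port and a predictable QID contribute nothing, which is what makes the "each source may be substituted" framing useful for auditing a deployment.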


archive: <http://ops.ietf.org/lists/namedroppers/>