IETF Logo Mail Archive

[dnsext] RFC 4509 was Re: Adopting draft: draft-hoffman-dnssec-ecdsa-04.txt

Edward Lewis <Ed.Lewis@neustar.biz> Wed, 05 January 2011 19:20 UTC

Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6969C3A6C17; Wed, 5 Jan 2011 11:20:00 -0800 (PST)
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 099013A6C17 for <dnsext@core3.amsl.com>; Wed, 5 Jan 2011 11:19:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.206
X-Spam-Level:
X-Spam-Status: No, score=-102.206 tagged_above=-999 required=5 tests=[AWL=0.393, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0aJPpSC6TT3N for <dnsext@core3.amsl.com>; Wed, 5 Jan 2011 11:19:58 -0800 (PST)
Received: from stora.ogud.com (stora.ogud.com [66.92.146.20]) by core3.amsl.com (Postfix) with ESMTP id F093C3A681C for <dnsext@ietf.org>; Wed, 5 Jan 2011 11:19:57 -0800 (PST)
Received: from gdun-e4300.cis.neustar.com (gatt.md.ogud.com [10.20.30.6]) by stora.ogud.com (8.14.4/8.14.4) with ESMTP id p05JLveg067137; Wed, 5 Jan 2011 14:21:58 -0500 (EST) (envelope-from Ed.Lewis@neustar.biz)
Received: from [10.31.200.116] by gdun-e4300.cis.neustar.com (PGP Universal service); Wed, 05 Jan 2011 14:22:04 -0500
X-PGP-Universal: processed; by gdun-e4300.cis.neustar.com on Wed, 05 Jan 2011 14:22:04 -0500
Mime-Version: 1.0
Message-Id: <a06240805c94a73489a5f@[10.31.200.116]>
In-Reply-To: <4D24BED7.1060007@vpnc.org>
References: <4D014A84.5070204@ogud.com> <4D2390DE.8050409@ogud.com> <4D23A061.3060501@vpnc.org> <4D248950.3040208@ogud.com> <4D248A72.5010404@vpnc.org> <a06240801c94a3ed54f9e@[10.31.200.116]> <Prayer.1.3.3.1101051839410.18449@hermes-2.csi.cam.ac.uk> <4D24BED7.1060007@vpnc.org>
Date: Wed, 05 Jan 2011 14:21:55 -0500
To: Paul Hoffman <paul.hoffman@vpnc.org>
From: Edward Lewis <Ed.Lewis@neustar.biz>
X-Scanned-By: MIMEDefang 2.68 on 10.20.30.4
Cc: dnsext@ietf.org
Subject: [dnsext] RFC 4509 was Re: Adopting draft: draft-hoffman-dnssec-ecdsa-04.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org

At 10:56 -0800 1/5/11, Paul Hoffman wrote:
>Thank you, Chris. I knew that someone had said something about strengths in
>an RFC, but I could not remember where. You nailed it.
>
>That's not to say that we should have equivalent wording in this document,
>just that the "cannot say anything about strength" is a new requirement that
>is not met by earlier standards-track documents from this WG.

Looking at 4509, the two places "strength" is mentioned is here:

6.2.  SHA-1 vs. SHA-256 Considerations for DS Records

    Users of DNSSEC are encouraged to deploy SHA-256 as soon as software
    implementations allow for it.  SHA-256 is widely believed to be more
    resilient to attack than SHA-1, and confidence in SHA-1's strength is
    being eroded by recently announced attacks....

My comment about needing references applies to that - "recently 
announced attacks" is unsupported by a reference.

                                     ...It is beyond the scope of this
    document to speculate extensively on the cryptographic strength of
    the SHA-256 digest algorithm.

And here the document says strength is beyond the scope.

In section 3:

    ...Validator implementations SHOULD ignore DS RRs containing SHA-1
    digests if DS RRs with SHA-256 digests are present in the DS RRset.

Looking at this, I don't see why this is a good idea if the key is 
RSA/SHA-1 (algorithm 5 or 7).  Well, not a bad idea, but what is 
gained?  If SHA-1 is questionable, why is it more questionable if 
it's the DS hash than if it is the DNSKEY hash?  Isn't the weakest 
link still SHA-1?  (Ignoring the rest of the chain.)
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

The 21st Century is 10% complete.
_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext

v2.23.0 | Report a Bug | By Email