Re: [Trans] [dane] CT for DNSSEC
Wei Chuang <weihaw@google.com> Wed, 29 March 2017 14:33 UTC
Return-Path: <weihaw@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4259412706D for <trans@ietfa.amsl.com>; Wed, 29 Mar 2017 07:33:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3G6GHGV9Ztyp for <trans@ietfa.amsl.com>; Wed, 29 Mar 2017 07:33:05 -0700 (PDT)
Received: from mail-vk0-x22a.google.com (mail-vk0-x22a.google.com [IPv6:2607:f8b0:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D73DD129474 for <trans@ietf.org>; Wed, 29 Mar 2017 07:33:04 -0700 (PDT)
Received: by mail-vk0-x22a.google.com with SMTP id r69so19711929vke.2 for <trans@ietf.org>; Wed, 29 Mar 2017 07:33:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ELqmOff7XmJwPebSXz96vQu6FgCaMaHiyiIPAcjtXbw=; b=LjB+/bXq0jCcumvgMPoAYbR916JHxrxTOPCin0j+ze7ApPVvgb4ay1MY+RhZgF5nB4 6E3SfEkrZFc9KsaoKQd/jkmlkwaQprCI+xLuCzeJMCbrM5k8i07u48z+isULa4ysUTrh Hm+UvEiJMRJ8QD+Hrji3Pb+Bl49tijA0lZvIC8+DO0ihigTUojtqbjTgiH/tGSk2LrMM /J8bcI1B+lkD1of3+F/MjvcaImg0RxFKN3SphuFOrfYE+g3EUbFfkSiYUDmWAWpE2pUp j6VX6SeofsXbySeWDd0f2ev8w4zzvK0I2D4w4x8F47kHS4dnnS+hT0r1RJ+hcBtX6tf7 P3rA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ELqmOff7XmJwPebSXz96vQu6FgCaMaHiyiIPAcjtXbw=; b=I+5XbKBciHCuQhwRKpSgzekeZIYNHwTZsvhQucPEGbDydMySILlF1xqRbQByXiIlYK 9KTevvvWbju4q/ARFPwdIZ6HyrPX0U6C2iI6BlQrP2sELSRJ1D4pEcivBgBfFd/7s1Se JA76fSmYyyGiu9rX3MAtPr/E6e3vL3w6GY9Mh0oyHN8N3mWG5kHZXVMRF1SLLCYRuiaY Yb/R/hmLqHsCTgo3NoMRqn3HpCTNRcK5+tcVFwfAzskhM30UVhuMC2o33tymNHWYjdE3 4OKYjTAk7CfAqYl4xV17ug7g14JLg3Mf3BPKPLsW+FF2BCzlDdTse/KHPH9wuQVspfAF EnRA==
X-Gm-Message-State: AFeK/H2TkQQ9KrN1epVkELlcRSpOotp1XdbQQtrbZWHAsay10ZsmWKimlIJ2/efY2UeHm9jjwIFQRWBKLvBV29SU
X-Received: by 10.159.49.81 with SMTP id n17mr350521uab.178.1490797983570; Wed, 29 Mar 2017 07:33:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.8.6 with HTTP; Wed, 29 Mar 2017 07:33:02 -0700 (PDT)
In-Reply-To: <9FC39E28-4285-40F8-8FE9-283FA83B1A0A@dukhovni.org>
References: <CAAFsWK0bCDZmg0csCfXAJ1=jqbOBc7sUUvSg-6ZKjxuAQKmQPA@mail.gmail.com> <455EC3FC-9140-40D3-88F8-77990B7C7DD0@vpnc.org> <CAAFsWK2z1AR6RZToQvw7s_t_u+333Jyk6pUQ5KznbsrQGxkvgQ@mail.gmail.com> <C54BF614-378D-4A0A-964F-AE372E064D42@vpnc.org> <1DA6DC8F-CA06-4453-96E6-D8D257555437@dukhovni.org> <CAAFsWK1Jeq18mLsKJpv3DJzhrHzX1Z=rQpyxX5TmF+AOLX8-3Q@mail.gmail.com> <9FC39E28-4285-40F8-8FE9-283FA83B1A0A@dukhovni.org>
From: Wei Chuang <weihaw@google.com>
Date: Wed, 29 Mar 2017 09:33:02 -0500
Message-ID: <CAAFsWK09KAsYSsDP0mMijYU7E6uw=JyL78kWGiwyJNrn_r3hSw@mail.gmail.com>
To: Viktor Dukhovni <ietf-dane@dukhovni.org>
Cc: trans@ietf.org, IETF DANE Mailinglist <dane@ietf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="f403045ddecc467831054bdf7487"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/vgcPfKdGCLGn9U_HHLhrzhMavqQ>
Subject: Re: [Trans] [dane] CT for DNSSEC
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2017 14:33:07 -0000
Thanks very much Viktor that explanation of NSEC(3). Just one follow up idea: On Mon, Mar 20, 2017 at 6:00 PM, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote: > > > On Mar 20, 2017, at 6:43 PM, Wei Chuang <weihaw@google.com> wrote: > > > >>> No, this is because the parent can spoof any data for the child. > >>> It is unrelated to DNSSEC. > >> > >> With qname minimization, the parent will first need to deny an NS > >> RRset for the child, and those DOE records are better candidates > >> for logging than routine non-NS queries. > > > > Can you expand on how the the DOE record (which I assumes means > > denial-of-existence) could work with an adversarial parent? > > Yes, DOE is denial of existence. When the child sends NS queries > as part of qname minimization a negative response (no NS records) > will include signed NSEC(3) records to that effect, signed by the > parent zone. These are candidates for logging. > Understood now I think. > The key question is how to avoid logging ridiculous volumes of > data that can DoS any log service and also disclose too much. > +1 as this is logging NSEC(3) would make the logging rate proportional to all RR churn. Let put out an idea to attempt to mitigate this. (And apologies ahead of time if this is obviously wrong as I'm pretty new at DNS/DNSSEC) For this, the main thing this is trying to track is the existence of DS and its DOE. Why not create an explicit Non-existence of DS (NDS) RR that gets logged along with DS and NS? The effect is then is that every NS will then have either a DS or NDS RR. Then the rate of logging becomes proportional to max of NS and DS changes. I suspect NDS won't have the same enumeration problems as the NSEC(3) since lacks next-signed link, and is paired with an NS record anyways. Also NDS does not change NSEC(3) behavior DOE behavior. (To be complete there could be a policy declaration mechanism for this but that's details). -Wei
- Re: [Trans] [dane] CT for DNSSEC Wei Chuang
- [Trans] CT for DNSSEC Wei Chuang
- Re: [Trans] [dane] CT for DNSSEC Paul Hoffman
- Re: [Trans] CT for DNSSEC Linus Nordberg
- Re: [Trans] [dane] CT for DNSSEC Wei Chuang
- Re: [Trans] CT for DNSSEC Wei Chuang
- Re: [Trans] [dane] CT for DNSSEC Paul Hoffman
- Re: [Trans] [dane] CT for DNSSEC Viktor Dukhovni
- Re: [Trans] CT for DNSSEC Linus Nordberg
- Re: [Trans] [dane] CT for DNSSEC Wei Chuang
- Re: [Trans] [dane] CT for DNSSEC Wei Chuang
- Re: [Trans] [dane] CT for DNSSEC Viktor Dukhovni
- Re: [Trans] CT for DNSSEC Paul Wouters
- Re: [Trans] [dane] CT for DNSSEC Wei Chuang
- Re: [Trans] [dane] CT for DNSSEC Viktor Dukhovni
- Re: [Trans] [dane] CT for DNSSEC Paul Wouters
- Re: [Trans] [dane] CT for DNSSEC Tony Finch