On Fri, Mar 13, 2020 at 05:28:03PM -0400, Viktor Dukhovni wrote:

> Treating them as unsigned is fine for setting the AD bit, but not
> returning the RRSIG when a downstream iterative resolver sets DO=1 (even
> with CD=1) means that downstream resolvers that still validate DSA
> now consider the domain "bogus", not just unsigned.
> 
> The new RFC8624 (https://tools.ietf.org/html/rfc8624#section-3.1) status
> of DSA-NSEC3-SHA1 (6) as "MUST NOT" for both signing and validation is
> less than one year old, and there are still fielded resolvers that have
> not been updated to ignore it, including "unbound" 1.9.6, which was,
> prior to Feb 20th, the latest release.  [ My DANE survey is presently
> running on a Fedora 31 system with unbound 1.9.6. ]

That said, the "MUST NOT" validate algorithms from that table have the
following frequencies in the wild based on my (unavoidably incomplete)
survey of ~10.8 million signed domains:

    dane=> select count(distinct qname), alg from ds where alg in (1,3,6) group by 2 order by 1 desc;
     count | alg
    -------+-----
       288 |   1
       234 |   3
        40 |   6

So the scope of the problem is admittedly rather modest, affecting fewer
than 600 of the ~10.8 million domains.

-- 
    Viktor.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
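An added example, not part of Viktor's mail or of any resolver's code base: a toy model of the two-hop case the mail describes (an upstream forwarder that treats a DS-only-legacy zone as unsigned and withholds RRSIGs, and a downstream validator that may or may not still accept DSA), plus the survey query re-run over constructed DS rows in an in-memory sqlite3 table. The only algorithm facts it relies on are that RFC 8624 section 3.1 lists RSAMD5 (1), DSA (3) and DSA-NSEC3-SHA1 (6) as "MUST NOT" for validation; the resolver profiles, the DS rows, the digests and the modelled upstream behaviour are all assumptions made for the example.

```python
"""
Added example (not from the mail, unbound, or any other resolver): a model of
validator outcomes for a child zone given its DS algorithms, and the mail's
survey aggregation run against constructed rows with sqlite3.
"""
import sqlite3

# RFC 8624 section 3.1: algorithms a validator MUST NOT support.
MUST_NOT_VALIDATE = {1: "RSAMD5", 3: "DSA", 6: "DSA-NSEC3-SHA1"}

# Constructed resolver profiles: the set of algorithm numbers a validator
# accepts. MODERN follows RFC 8624; LEGACY is a not-yet-updated validator that
# still accepts the three MUST NOT algorithms (the mail says unbound 1.9.6 still
# accepted algorithm 6). Both sets are assumptions, not any product's real list.
MODERN = {5, 7, 8, 10, 13, 14, 15, 16}
LEGACY = MODERN | set(MUST_NOT_VALIDATE)


def classify_child(ds_algs, supported, rrsig_present):
    """Validator outcome for a child zone from its authenticated DS RRset.

    RFC 4035 section 5.2: if the validator supports none of the DS algorithms
    it has no usable chain and treats the child as unsigned ("insecure").
    Otherwise it must validate, so answers without RRSIGs are "bogus".
    rrsig_present=True is taken to mean the signatures also verify.
    """
    if not set(ds_algs) & supported:
        return "insecure"
    return "secure" if rrsig_present else "bogus"


def downstream_outcome(ds_algs, downstream_supported, upstream_supported):
    """Two-hop case from the mail.

    Modelled assumption (the behaviour being complained about): an upstream
    resolver that supports none of the child's DS algorithms treats the zone
    as unsigned and omits RRSIGs even when the downstream query sets DO=1.
    The downstream validator then classifies from what it actually receives.
    """
    rrsig_present = bool(set(ds_algs) & upstream_supported)
    return classify_child(ds_algs, downstream_supported, rrsig_present)


# Constructed DS rows (qname, keytag, alg, digest_type, digest). The digests
# are placeholders, not real hashes.
DS_ROWS = [
    ("old-dsa.example",     12345,  6, 1, "00" * 20),
    ("old-dsa.example",     12345,  6, 2, "00" * 32),  # same key, 2nd digest
    ("legacy-md5.example",    111,  1, 1, "11" * 20),
    ("legacy-md5-2.example",  222,  1, 2, "22" * 32),
    ("dsa-plain.example",     333,  3, 1, "33" * 20),
    ("mixed.example",         444,  6, 2, "44" * 32),  # DSA-NSEC3-SHA1 plus...
    ("mixed.example",         445, 13, 2, "55" * 32),  # ...an ECDSA key too
    ("modern.example",        666, 13, 2, "66" * 32),
]


def must_not_validate_counts(rows):
    """The mail's survey query against an in-memory sqlite3 'ds' table.

    Returns [(alg, distinct_domains), ...] ordered by count descending, then
    by algorithm number so that ties come out deterministically.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("create table ds (qname text, keytag integer, alg integer, "
                 "digest_type integer, digest text)")
    conn.executemany("insert into ds values (?, ?, ?, ?, ?)", rows)
    cur = conn.execute(
        "select count(distinct qname), alg from ds "
        "where alg in (1,3,6) group by 2 order by 1 desc, 2")
    return [(alg, n) for n, alg in cur.fetchall()]


def domain_algs(rows):
    """Map each qname to the set of DS algorithms published for it."""
    algs = {}
    for qname, _keytag, alg, _digest_type, _digest in rows:
        algs.setdefault(qname, set()).add(alg)
    return algs


def legacy_only_domains(rows):
    """Domains whose DS RRset holds nothing but MUST NOT algorithms: the ones
    a LEGACY downstream behind a MODERN upstream would call bogus."""
    return sorted(q for q, a in domain_algs(rows).items()
                  if a <= set(MUST_NOT_VALIDATE))


if __name__ == "__main__":
    for alg, n in must_not_validate_counts(DS_ROWS):
        print(f"alg {alg:2d} ({MUST_NOT_VALIDATE[alg]}): {n} domain(s)")
    for qname, algs in sorted(domain_algs(DS_ROWS).items()):
        print(qname, sorted(algs),
              "legacy downstream:", downstream_outcome(algs, LEGACY, MODERN),
              "modern downstream:", downstream_outcome(algs, MODERN, MODERN))
```

The distinct-qname count is what matters for the survey: old-dsa.example publishes two DS records for one DSA key (two digest types) and is counted once, while mixed.example publishes an ECDSA DS beside its DSA one, so even the legacy downstream validates it cleanly because the upstream still sees a supported algorithm and returns RRSIGs.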