Questions from the draft, with my proposed answers from watching the discussion thread so far.
--Paul Hoffman

* New DNSKEY algorithms MUST have DNSKEY RRsets that do not have colliding key tags

- A possibly better way to word this is "definitions of new DNSKEY algorithms must include rules that prohibit signers from creating DNSKEY RRsets whose members have the same key tag".

* What about existing algorithms? Should we have new aliases for existing algorithms that allow us to incorporate the non-collision requirement?

- No. Protocols with two ways to say the same thing are more fragile. A much better way to get mostly there is to say that any updated signing software for current algorithms MUST NOT create DNSKEY RRsets whose members have the same key tag.

* Can we propose a future flag date after which existing algorithms will be required to enforce this requirement?

- Yes, if we want to cause perfectly secure sites to fail validation for reasons that the site owners will not understand, and that can only be solved by the site owners doing something that no one suggested to them before, namely re-signing their zones. Otherwise, no.

* Outline the general process by which key generation software should ensure uniqueness of keytags.

- Sure.

* Special considerations for multi-signer [RFC8901] configurations, where multiple distinct parties generate their own keys for the same zone: (i) partition the keytag space between each signer/provider, and have each provider re-generate keys if necessary until they obtain one whose keytag is contained in their partition; (ii) use a central key broker to enforce keytag uniqueness; (iii) each signer, when generating new keys, queries all DNSKEYs in the multi-signer group to avoid colliding keys. To avoid race conditions, ideally the providers should not generate keys at the same time, and plausibly the zone owner could enforce non-conflicting key generation schedules across the multi-signer group.

- Sure.

* Describe what to do when a validator encounters a zone with both old and new DNSKEY algorithm numbers.

- Nothing special. There is no security issue for those validators as soon as they look at the full key, not just the key tag as index.

* For possible discussion: recommend the use of DNS cookies to avoid off-path computational DoS attacks.

- That would have to be spelled out in much more detail before anyone can decide if that's a good idea.
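As an added example that is not part of this message or the draft: the RFC 4034 Appendix B key tag computation, a collision check over a DNSKEY RRset, and the partitioned regenerate-until-unique loop from option (i) above. The sample key bytes, the flag/algorithm values and the `random_public_key` stand-in are constructed for the illustration, not taken from any real signer.

```python
import os
import struct


def key_tag(flags, protocol, algorithm, public_key):
    """Key tag per RFC 4034 Appendix B over the DNSKEY RDATA
    (flags | protocol | algorithm | public key). Algorithm 1 is not handled."""
    rdata = struct.pack("!HBB", flags, protocol, algorithm) + public_key
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if (i & 1) else b << 8   # odd-index bytes as-is, even-index shifted
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def colliding_key_tags(dnskeys):
    """Return the key tags shared by two or more records of an RRset.
    dnskeys is a list of (flags, protocol, algorithm, public_key) tuples."""
    seen = {}
    for rec in dnskeys:
        seen.setdefault(key_tag(*rec), []).append(rec)
    return {tag for tag, recs in seen.items() if len(recs) > 1}


def random_public_key():
    """Constructed stand-in for a real key generator: 32 random bytes."""
    return os.urandom(32)


def pick_noncolliding_key(existing_tags, partition, keygen=random_public_key,
                          flags=257, protocol=3, algorithm=13, max_tries=10000):
    """Option (i) for a multi-signer group: regenerate until the candidate's
    key tag falls inside this signer's partition [lo, hi] and is not in use."""
    lo, hi = partition
    for _ in range(max_tries):
        pub = keygen()
        tag = key_tag(flags, protocol, algorithm, pub)
        if lo <= tag <= hi and tag not in existing_tags:
            return tag, pub
    raise RuntimeError("no usable key tag found; widen the partition or max_tries")


# Constructed sample: two distinct public keys whose tags collide, because the
# tag is only a 16-bit checksum; moving weight between even-index bytes keeps the sum.
KEY_A = bytes([1] * 32)
KEY_B = bytes([2, 1, 0] + [1] * 29)
SAMPLE_RRSET = [(257, 3, 13, KEY_A), (257, 3, 13, KEY_B)]
```

A signer would run `colliding_key_tags` over the candidate RRset before publishing it, and a multi-signer provider would pass its assigned range as `partition`.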
