Hi, I'm not sure if this response is directed at me, so I'll respond as if it were, so as not to come across as a time-out ;-)
On 10/14/25 14:33, Philip Homburg wrote:
> Because key tag collisions are extremely rare, I got to the following reasoning: Key tag collisions are rare, so my validator will accept a single key tag collision and will treat more than one collision as an attack and return DNSSEC bogus. So yes, an attacker can introduce collisions, but the effect will be limited.

Agree. Another way would be to not try more than 3 or 4 keys in general, or to not allow more than 1 failure, without regard to keytag. So, not sure if keytag logic is key in preventing DoS related to bogus keys.

> From a statistical point of view, if we look at DNSKEY RRsets with at least two keys then one in 30,000 should have a collision (assuming keys are generated randomly). In practice the observed number of collisions is a lot lower. So my conclusion is that most zones are signed by a signer that actively avoids collisions.

Agree.

> Given that avoiding collisions is common practice and that it is a desirable feature, we can say that avoiding collisions is best common practice. So why not document that? Why not figure out what is holding back the remaining signers that do generate collisions? There seems to be a vocal group with signers that generate collisions who don't want to discuss technical aspects of their signers, but do want to block any BCP that says that not generating collisions is common practice and that all signers need to avoid generating collisions.
Just for the record, I'm not arguing against that. I'm neutral w.r.t. such a document.

Best,
Peter
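The key tag computation and the "tolerate one collision, more than one is bogus" validator policy discussed above, as an added worked example (not code from any validator or signer mentioned in the thread; the DNSKEY values are constructed so that two of them share a tag, and the collision-rate function is the plain birthday bound on 16-bit tags):

```python
# Key tag collisions in a DNSKEY RRset: RFC 4034 Appendix B tag computation,
# collision counting, the one-collision policy from the thread, and the
# expected collision rate for n randomly generated keys.
import struct
from collections import Counter

TAG_SPACE = 1 << 16  # key tags are 16-bit values


def key_tag(rdata: bytes) -> int:
    """RFC 4034 Appendix B key tag over the full DNSKEY RDATA."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8  # even offsets weighted by 256
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def dnskey_rdata(flags: int, algorithm: int, pubkey: bytes) -> bytes:
    """Build DNSKEY RDATA: flags(2) | protocol(1, always 3) | algorithm(1) | key."""
    return struct.pack("!HBB", flags, 3, algorithm) + pubkey


def count_collisions(rrset) -> int:
    """Number of keys whose tag is already used by another key in the RRset."""
    tags = Counter(key_tag(r) for r in rrset)
    return sum(c - 1 for c in tags.values() if c > 1)


def rrset_verdict(rrset, max_collisions: int = 1) -> str:
    """Policy from the thread: accept one collision, treat more as bogus."""
    return "bogus" if count_collisions(rrset) > max_collisions else "ok"


def collision_probability(n_keys: int) -> float:
    """Birthday bound: P(some shared tag) among n independent random tags."""
    p_none = 1.0
    for i in range(1, n_keys):
        p_none *= 1 - i / TAG_SPACE
    return 1 - p_none


# Constructed sample keys (hypothetical, not real DNSKEYs). Swapping bytes at
# even offsets of the public key leaves the weighted sum, and so the tag,
# unchanged; KEY_B and KEY_D therefore collide with KEY_A on purpose.
KEY_A = dnskey_rdata(256, 13, b"\x01\x02\x03\x04")
KEY_B = dnskey_rdata(256, 13, b"\x03\x02\x01\x04")  # same tag as KEY_A
KEY_C = dnskey_rdata(257, 13, b"\x09\x09\x09\x09")  # independent KSK
KEY_D = dnskey_rdata(256, 13, b"\x04\x02\x00\x04")  # third key on KEY_A's tag

if __name__ == "__main__":
    print("tags:", [key_tag(k) for k in (KEY_A, KEY_B, KEY_C, KEY_D)])
    print("one collision:", rrset_verdict([KEY_A, KEY_B, KEY_C]))
    print("two collisions:", rrset_verdict([KEY_A, KEY_B, KEY_C, KEY_D]))
    print("P(collision | 2 keys) = 1 in", round(1 / collision_probability(2)))
```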
