Re: draft-ietf-dnsext-dnssec-gost

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I agree with Steve's and Paul's analyses.
In addition, it's not clear to me how this SHOULD-level requirement squares with the IANA registration of this algorithm as OPTIONAL (in Section 8), since in RFC 2119 OPTIONAL == MAY. The document that defines that registry (draft-ietf-dnsext-dnssec-registry-fixes) does not allow algorithms to be RECOMMENDED, so it seems like the requirement for support has to be either a MUST or a MAY to be consistent with the registry. 

--Richard



On Feb 11, 2010, at 4:24 PM, Paul Hoffman wrote:


At 4:04 PM -0500 2/11/10, Andrew Sullivan wrote:

So the question here is not what algorithms get "first class" status
in general, but whether we want to have different classes of support
for DNSSEC, given the current conditions.


First off, thank you for better stating the question.
There are a plethora of signing algorithms. Note that a signing algorithm consists of a public key algorithm *and* a hash algorithm.
The question here is whether they also have SHOULD-level requirements to process every signing algorithm that is in the IANA registry. Having such a requirement gives attackers a much wider target: in order to spoof a signature, they can pick the weakest of a large collection of algorithms.
For example, there is already a published attack on the GOST hash function that does not exist in SHA-256 and SHA-512. The GOST algorithms have had much less cryptographic review than other algorithms. If that attack becomes practical, an attacker can create signatures using GOST that he/she could not create in RSA/SHA-256 or RSA/SHA-512.
Given this, the answer to the question should be "no, not all algorithms automatically get SHOULD-level requirements". The IETF can, on a case-by-case basis, decide if they want to update the base DNSSEC spec to include a SHOULD-level or MUST-level requirement for a new signature algorithm. 

--Paul Hoffman, Director
--VPN Consortium
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]