[dns-operations] Missing algorithm 8 signatures in .museum zone

Viktor Dukhovni ietf-dane at dukhovni.org
Thu Nov 16 22:40:49 UTC 2017



> On Nov 16, 2017, at 5:08 PM, Mark Andrews <marka at isc.org> wrote:
> 
> If a algorithm is too weak then it should not be used to validate at all.
> Insecure is an acceptable status.  If it is not too weak the what is the
> issue with using any algorithm?
> 
> A downgrade attack can only be successful if you continue to use a
> algorithm once it has been broken.

Yes, but when an algorithm is broken (or more typically develops enough
issues to be questionably secure) it is often not possible to promptly
withdraw it from service.  When multiple algorithms are fielded, it is
advantageous for the verifier to use just the strongest that is mutually
supported.

With DNSSEC, such agility of course carries the cost of requiring every
RRset's RRSIG to be signed with *all* the algorithms in the DS RRset.
So if the consensus is now that this is too burdensome a requirement,
then perhaps this benefit of agility is lost, and so migration away
from weakened algorithms would not immediately close the hole when
a stronger one is added, but rather only when the weaker one is
withdrawn...

-- 
-- 
	Viktor.




More information about the dns-operations mailing list