[dns-operations] any registries require DNSKEY not DS?

Viktor Dukhovni ietf-dane at dukhovni.org
Thu Jan 23 02:22:12 UTC 2020


On Thu, Jan 23, 2020 at 12:12:15AM +0000, Tony Finch wrote:

> By default dnssec-cds copies CDS records to make DS records, and the
> question of SHA-256 or something else only arose when it was asked to turn
> CDNSKEY records into DS records. But if the CDS records are generated by
> some ancient code from before the dawn of time, such as BIND 9.14 on my
> production servers, there will be SHA-1 CDS records which will be copied
> to the DS records. Sadface, RFC 8624 protocol violation.

But SHA-1 is still quite safe as a DS digest type; the problematic use
is SHA-1 RRSIGs.  In the context of DS RRs, only 2nd-preimage attacks
matter, and the prospect of those *even against MD5* is still remote.

Which is not to say that one should continue to use SHA-1 in DS RRs,
but there is little risk in doing so for the foreseeable future.

-- 
    Viktor.
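A parent-side check for the situation the two messages describe, written as an added example for this thread and not code from BIND, dnssec-cds or either poster: it builds DS digests from DNSKEY/CDNSKEY RDATA per RFC 4034 (Section 5.1.4 and Appendix B) and applies the "DNSSEC Delegation" column of RFC 8624 Section 3.3, so a SHA-1 CDS emitted by an older signer is regenerated as a SHA-256 DS from the CDNSKEY instead of being copied verbatim. The owner name `example.` and the 64-byte key value are constructed placeholders, not real key material.

```python
"""DS generation from DNSKEY/CDNSKEY RDATA with an RFC 8624 digest-type check.

Added example for this thread, not code from dnssec-cds or from either poster.
All key material is constructed: bytes(range(64)) is a placeholder of the right
size for algorithm 13, not a real ECDSA key.
"""
import hashlib

# RFC 8624 Section 3.3, "DNSSEC Delegation" column: what a parent may publish
# in DS (and a child in CDS). Digest type 0 is the RFC 8078 delete signal and
# is treated as "do not copy into DS" here, which is all this example needs.
DS_PUBLISH_POLICY = {
    0: "MUST NOT",  # NULL
    1: "MUST NOT",  # SHA-1
    2: "MUST",      # SHA-256
    3: "MUST NOT",  # GOST R 34.11-94
    4: "MAY",       # SHA-384
}

# Digest types this example can compute (type 3 would need a GOST hash).
DIGEST_HASH = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}


def name_to_wire(name: str) -> bytes:
    """Canonical owner-name wire form (RFC 4034 Section 6.2): lowercase,
    length-prefixed labels, terminated by the zero-length root label."""
    labels = [lbl for lbl in name.lower().rstrip(".").split(".") if lbl]
    out = b""
    for label in labels:
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("label longer than 63 octets")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA (RFC 4034 Section 2.1); CDNSKEY uses the same layout."""
    return flags.to_bytes(2, "big") + bytes([protocol, algorithm]) + pubkey


def key_tag(rdata: bytes) -> int:
    """Key tag per RFC 4034 Appendix B (the general, non-RSA/MD5 algorithm)."""
    ac = 0
    for i, octet in enumerate(rdata):
        ac += octet if i & 1 else octet << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def ds_digest(owner: str, rdata: bytes, digest_type: int) -> str:
    """DS digest (RFC 4034 Section 5.1.4): hash(owner wire || DNSKEY RDATA)."""
    if digest_type not in DIGEST_HASH:
        raise ValueError(f"unsupported DS digest type {digest_type}")
    return DIGEST_HASH[digest_type](name_to_wire(owner) + rdata).hexdigest().upper()


def make_ds(owner, flags, protocol, algorithm, pubkey, digest_type=2):
    """DS RDATA fields for one key: (key tag, algorithm, digest type, digest)."""
    rdata = dnskey_rdata(flags, protocol, algorithm, pubkey)
    return key_tag(rdata), algorithm, digest_type, ds_digest(owner, rdata, digest_type)


def ds_set_for_parent(owner, cds_set, cdnskey_set):
    """DS set a parent honouring RFC 8624 should publish from a child's CDS/CDNSKEY.

    cds_set:     iterable of (key_tag, algorithm, digest_type, digest_hex).
    cdnskey_set: iterable of (flags, protocol, algorithm, pubkey).
    CDS records whose digest type is MUST NOT for delegation (SHA-1 from an older
    signer, unknown types) are rejected rather than copied; the same key is then
    regenerated from CDNSKEY with SHA-256. Returns (accepted, rejected).
    """
    accepted, rejected = [], []
    for rec in cds_set:
        if DS_PUBLISH_POLICY.get(rec[2], "MUST NOT") == "MUST NOT":
            rejected.append(rec)
        else:
            accepted.append(rec)
    rejected_keys = {(r[0], r[1]) for r in rejected}
    for flags, proto, alg, pub in cdnskey_set:
        ds = make_ds(owner, flags, proto, alg, pub, digest_type=2)
        already = any(a[0] == ds[0] and a[1] == ds[1] and a[2] == 2 for a in accepted)
        if (ds[0], ds[1]) in rejected_keys and not already:
            accepted.append(ds)
    return accepted, rejected


if __name__ == "__main__":
    PUBKEY = bytes(range(64))  # constructed placeholder, not a real key
    # What an older signer publishes: a SHA-1 CDS for its KSK (flags 257, alg 13).
    old_cds = make_ds("example.", 257, 3, 13, PUBKEY, digest_type=1)
    accepted, rejected = ds_set_for_parent("example.", [old_cds], [(257, 3, 13, PUBKEY)])
    for rec in rejected:
        print("rejected CDS:", rec)
    for rec in accepted:
        print("publish DS:  ", rec)
```

The policy table encodes only the publication side of RFC 8624; validators still MUST accept SHA-1 DS records, which is why an already-delegated SHA-1 DS keeps working while the parent transitions to SHA-256.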


