[dns-operations] any registries require DNSKEY not DS?

Viktor Dukhovni ietf-dane at dukhovni.org
Thu Jan 23 21:20:27 UTC 2020


On Thu, Jan 23, 2020 at 09:38:00PM +0100, Florian Weimer wrote:

> >> In answer to the converse question, at least some registries appear to
> >> allow (or have allowed in the past) DS RRs with unverified content:
> >
> > This actually seems OK to me -- nonsensical, but OK.
> 
> It makes attacks on the underlying hash function for the DS record
> easier.  Constructing colliding prefixes is much harder if the prefix
> itself contains the hash over something else (because you also have to
> construct that something).

Yes, if at some future time (not expected any time soon) practical
chosen-prefix collision attacks are discovered against SHA2-256, they
would be rather difficult to mount against a parent zone when the DS RR
payload is computed from the DNSKEY by the registry.

This is not presently the primary reason to validate parameters;
generally the reason to do that is to keep the namespace largely free of
obvious breakage, reducing support costs, improving the image of the
TLD, and promoting adoption of DNSSEC best-practices.

-- 
    Viktor.
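The check the thread is describing, a parent or registry deriving the DS digest from the child's DNSKEY instead of publishing whatever digest bytes were submitted, written out as an added example. This is not code from the post or from any registry; the DNSKEY bytes and owner name are constructed for illustration, and the record layout follows RFC 4034 section 5.1.4 and Appendix B.

```python
"""Derive a DS record from a DNSKEY and validate a submitted DS against it.

Added example for this thread, not code from the post or from any registry.
The DNSKEY public-key bytes below are constructed for illustration and are
not a real key; the algorithm (13 = ECDSAP256SHA256) and flags are plausible
values, but nothing about the key material is meaningful.
"""
import hashlib
import struct

# DS digest types from the IANA registry: 1 = SHA-1, 2 = SHA-256, 4 = SHA-384.
DIGEST_ALGS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}


def name_to_wire(name: str) -> bytes:
    """Canonical (lower-cased) wire form of an owner name, e.g. 'Example.COM.'."""
    labels = [label for label in name.lower().rstrip(".").split(".") if label]
    wire = b"".join(bytes([len(label)]) + label.encode("ascii") for label in labels)
    return wire + b"\x00"  # root label terminates the name


def dnskey_rdata(flags: int, protocol: int, algorithm: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA: 2-byte flags, 1-byte protocol, 1-byte algorithm, public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + pubkey


def key_tag(rdata: bytes) -> int:
    """Key tag per RFC 4034 Appendix B (all algorithms except RSA/MD5)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def ds_digest(owner: str, rdata: bytes, digest_type: int) -> bytes:
    """DS digest = H(canonical owner name || DNSKEY RDATA), RFC 4034 s5.1.4."""
    return DIGEST_ALGS[digest_type](name_to_wire(owner) + rdata).digest()


def ds_from_dnskey(owner: str, rdata: bytes, digest_type: int = 2) -> tuple:
    """What the parent should publish: (key tag, algorithm, digest type, digest).

    The algorithm field of the DS is copied from the DNSKEY, so it cannot
    disagree with the key it commits to.
    """
    algorithm = rdata[3]
    return (key_tag(rdata), algorithm, digest_type, ds_digest(owner, rdata, digest_type))


def validate_ds_submission(owner: str, submitted: tuple, dnskeys: list) -> bool:
    """Accept a submitted DS only if it is exactly the digest of one of the
    child's DNSKEYs; any other content (wrong tag, wrong algorithm, arbitrary
    digest bytes, unknown digest type) is rejected."""
    tag, alg, dtype, digest = submitted
    if dtype not in DIGEST_ALGS:
        return False
    return any(
        ds_from_dnskey(owner, rdata, dtype) == (tag, alg, dtype, digest)
        for rdata in dnskeys
    )


if __name__ == "__main__":
    # Constructed child DNSKEY: KSK flags (257), protocol 3, algorithm 13,
    # and a 4-byte placeholder in place of a real public key.
    child_key = dnskey_rdata(257, 3, 13, b"\x01\x02\x03\x04")
    ds = ds_from_dnskey("example.com.", child_key, 2)
    print("derived DS:", ds[0], ds[1], ds[2], ds[3].hex().upper())
    # A DS whose digest is not the hash of any published DNSKEY is refused.
    bogus = (ds[0], ds[1], ds[2], bytes(32))
    print("bogus digest accepted?", validate_ds_submission("example.com.", bogus, [child_key]))
```

Because the registry recomputes the digest rather than storing what it was handed, a DS in the parent zone is always the hash of a concrete DNSKEY RDATA (which itself contains the key), which is the property the quoted remark about collision attacks relies on.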
