[dns-operations] NSEC3 parameter selection (BCP: 1 0 0 -)
vladimir.cunat+ietf at nic.cz
Mon Jan 18 20:53:20 UTC 2021
On 1/18/21 7:55 PM, Viktor Dukhovni wrote:
> The non-empty salt is pointless, but basically harmless.
> 1. Every zone is effectively already salted, because as you
> note below the hash covers the FQDN.
> 2. Changing the salt takes some care, so "nobody" does it.
> 3. Combining 1 and 2 we conclude that a fixed salt is no
> better than an empty salt.
OK. I do agree that salt is pointless *unless* rotated. Even the
original RFC 5155 clearly says that "The salt SHOULD be changed
periodically". And to me it just... seemed relatively easy to do, if
you already do resigning, rotating *SKs, etc. Both technically and in
year 2016 in this case)
The best part IMHO is that rotating a few bytes of salt is relatively
easy and cheap for the good guys, in comparison to how much it hinders
dictionaries. Properties of the iteration count seem far worse.
> It would be good to see all the iteration counts drop to 10 or less,
> ideally just 0.
Certainly. 100 iterations seems ridiculous to me and I'm surprised the
number got such a large share, though perhaps I'm personally biased
against trying to hide contents of common TLD zones by NSEC3.
More information about the dns-operations