[dns-operations] Evaluation of NSEC3-encloser attack

John Levine johnl at taugh.com
Wed Mar 27 22:22:23 UTC 2024

It appears that Jim Reid <jim at rfc1035.com> said:
>> On 27 Mar 2024, at 19:37, Ondřej Surý <ondrej at sury.org> wrote:
>> Both salt and iterations have absolutely no value for NSEC3 security (see the RFC you just quoted), so just always use empty salt and zero iterations.
>There’s no added value in fiddling with salt to fit into the SHA1 block.
>IMO, there’s no added value in using NSEC3.

My understanding is that if you want to prevent zone enumeration you
are better off with RFC 4470 white lies. You'd only need NSEC3 if your
zone security is so critical that you need to do offline signing.

But the overlap between the zones that are that critical and the ones
that try to keep their contents secret (realizing that passive DNS
makes the whole thing pretty silly) is vanishingly small.
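The two mechanisms the post contrasts, worked through as an added example that is not part of the original message or thread. The first half hashes owner names exactly as RFC 5155 section 5 specifies and runs an offline dictionary attack against the resulting chain with and without salt and iterations, which is the point behind "salt and iterations have absolutely no value": NSEC3PARAM publishes both, so the attacker's per-guess work tracks the signer's and every validator's. The second half synthesizes the owner and next names of a minimally covering NSEC (RFC 4470 "white lies") for a nonexistent name and checks that they bracket it in RFC 4034 canonical order. The zone contents and wordlist are constructed; the RFC 4470 construction is my simplified reading of its section 4 (the 255-octet name and empty-label corner cases are not handled), and the one published test vector used is from RFC 5155 Appendix A.

```python
import base64
import hashlib

# NSEC3 owner names are base32hex (RFC 4648 "Extended Hex"); map Python's base32 alphabet onto it.
_B32_TO_B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                               "0123456789ABCDEFGHIJKLMNOPQRSTUV")


def labels(name):
    """Presentation name -> list of lowercase label bytes (\\DDD escapes are not handled)."""
    name = name.rstrip(".").lower()
    return [lab.encode("ascii") for lab in name.split(".")] if name else []


def wire(label_list):
    """Canonical wire format (RFC 4034 section 6.2): length-prefixed labels plus root terminator."""
    return b"".join(bytes([len(lab)]) + lab for lab in label_list) + b"\x00"


def nsec3_hash(name, salt_hex="", iterations=0):
    """RFC 5155 section 5: IH(0) = H(owner || salt), IH(k) = H(IH(k-1) || salt), H = SHA-1."""
    salt = bytes.fromhex(salt_hex) if salt_hex not in ("", "-") else b""
    digest = hashlib.sha1(wire(labels(name)) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).decode("ascii").translate(_B32_TO_B32HEX).lower()


def dictionary_attack(hashed_owners, wordlist, zone, salt_hex, iterations):
    """Offline enumeration of an NSEC3 chain: salt and iteration count come from the public
    NSEC3PARAM RR, so each guess is hashed exactly as the signer hashed the real names."""
    recovered = {}
    for word in wordlist:
        candidate = f"{word}.{zone}"
        h = nsec3_hash(candidate, salt_hex, iterations)
        if h in hashed_owners:
            recovered[h] = candidate
    return recovered


def canonical_key(label_list):
    """Sort key for RFC 4034 section 6.1 canonical ordering (compare from the rightmost label)."""
    return tuple(reversed(label_list))


def white_lie_nsec(qname):
    """Owner and next-name labels of a minimally covering NSEC for a nonexistent qname.
    Assumption: simplified RFC 4470 section 4 construction; length/empty-label corner
    cases are not handled."""
    ls = labels(qname)
    first, rest = ls[0], ls[1:]
    # Immediately preceding name: decrement the last octet of the leftmost label
    # (drop it if it is 0x00), then pad with 0xff octets up to the 63-octet label
    # limit without exceeding the 255-octet name limit.
    prev_first = first[:-1] if first[-1] == 0 else first[:-1] + bytes([first[-1] - 1])
    rest_len = sum(1 + len(lab) for lab in rest)
    max_label = min(63, 253 - rest_len)
    prev_first += b"\xff" * max(0, max_label - len(prev_first))
    owner = [prev_first] + rest
    # Immediately following name: prepend a single-octet label of 0x00.
    nxt = [b"\x00"] + ls
    return owner, nxt


def present(label_list):
    """Presentation format, escaping non-printable octets, dots and backslashes as \\DDD."""
    out = []
    for lab in label_list:
        out.append("".join(chr(b) if 0x21 <= b < 0x7F and b not in (0x2E, 0x5C) else f"\\{b:03d}"
                           for b in lab))
    return ".".join(out) + "."


def demo():
    zone = "example."
    names = [f"{n}.{zone}" for n in ("www", "mail", "secret-dev")]   # constructed zone contents
    guesses = ["www", "mail", "ftp", "secret-dev", "intranet"]          # constructed wordlist
    results = {}
    for salt, iters in (("", 0), ("aabbccdd", 12)):
        chain = {nsec3_hash(n, salt, iters) for n in names}            # the published NSEC3 owners
        results[(salt, iters)] = dictionary_attack(chain, guesses, zone, salt, iters)
    owner, nxt = white_lie_nsec("foo.example.")
    covers = canonical_key(owner) < canonical_key(labels("foo.example.")) < canonical_key(nxt)
    return results, present(owner), present(nxt), covers


if __name__ == "__main__":
    results, owner, nxt, covers = demo()
    for params, found in results.items():
        print(f"NSEC3PARAM salt={params[0] or '-'} iterations={params[1]}: recovered {sorted(found.values())}")
    print(f"white lie for foo.example.: {owner} NSEC {nxt}  (covers qname: {covers})")
```

Both parameter sets recover every name in the wordlist that exists in the zone; the salted, iterated chain only makes the attacker (and every validating resolver) do twelve extra SHA-1 calls per name. The white-lie pair proves nonexistence of exactly the queried name and nothing else, which is why it needs online signing: the server signs a fresh NSEC per query rather than a precomputed chain.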

