On 1/18/21 7:55 PM, Viktor Dukhovni wrote:
> The non-empty salt is pointless, but basically harmless.
> [...]
> Because:
> 1. Every zone is effectively already salted, because as you
> note below the hash covers the FQDN.
> 2. Changing the salt takes some care, so "nobody" does it.
> 3. Combining 1 and 2 we conclude that a fixed salt is no
> better than an empty salt.
OK. I do agree that salt is pointless *unless* rotated. Even the
original RFC 5155 clearly says that "The salt SHOULD be changed
periodically". And to me it just... seemed relatively easy to do, if
you already do resigning, rotating *SKs, etc. Both technically and in
practice:
https://www.knot-dns.cz/docs/3.0/singlehtml/#nsec3-salt-lifetime (since
year 2016 in this case)
The best part IMHO is that rotating a few bytes of salt is relatively
easy and cheap for the good guys, in comparison to how much it hinders
dictionaries. Properties of the iteration count seem far worse.
> It would be good to see all the iteration counts drop to 10 or less,
> ideally just 0.
Certainly. 100 iterations seems ridiculous to me and I'm surprised the
number got such a large share, though perhaps I'm personally biased
against trying to hide contents of common TLD zones by NSEC3.
--Vladimir
_______________________________________________
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
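To make the first quoted point concrete (the hash covers the FQDN, so every zone is already salted by its own name) and to show what an iteration count costs each validator, here is an added example written for this page; it is not code from the thread, from Knot DNS, or from any DNS implementation. It implements the RFC 5155 section 5 NSEC3 hash (SHA-1, iterated, base32hex) and a small policy check whose thresholds are the ones the thread argues for (empty salt, 10 or fewer iterations). `nsec3param_findings`, `sha1_calls_per_name` and the threshold values are this note's own constructs; the single test vector is the RFC 5155 Appendix A example zone (salt aabbccdd, 12 iterations).

```python
import base64
import hashlib

# Added example, not code from the dns-operations thread or from Knot DNS.
# NSEC3 hashing per RFC 5155 section 5 (SHA-1 is the only defined algorithm):
#   IH(salt, x, 0) = H(x || salt)
#   IH(salt, x, k) = H(IH(salt, x, k-1) || salt)
# where x is the owner name in canonical (lowercase) wire format. Because x
# includes the zone name, two zones never share a hash input even with no salt.

_B32_STD = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
_B32_HEX = "0123456789ABCDEFGHIJKLMNOPQRSTUV"
_TO_B32HEX = str.maketrans(_B32_STD, _B32_HEX)


def name_to_wire(name: str) -> bytes:
    """Canonical wire form: lowercase labels, each length-prefixed, root label last.
    Assumes plain ASCII labels (no escaped octets)."""
    labels = name.rstrip(".").lower()
    wire = bytearray()
    if labels:
        for label in labels.split("."):
            raw = label.encode("ascii")
            if not 1 <= len(raw) <= 63:
                raise ValueError(f"bad label length in {name!r}")
            wire.append(len(raw))
            wire += raw
    wire.append(0)  # terminating root label
    return bytes(wire)


def nsec3_hash(name: str, salt_hex: str, iterations: int) -> str:
    """NSEC3 owner hash as lowercase base32hex (32 chars for SHA-1).
    salt_hex is the NSEC3PARAM salt field; '' or '-' means no salt."""
    salt = b"" if salt_hex in ("", "-") else bytes.fromhex(salt_hex)
    digest = hashlib.sha1(name_to_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    b32 = base64.b32encode(digest).decode("ascii").rstrip("=")
    return b32.translate(_TO_B32HEX).lower()


def sha1_calls_per_name(iterations: int) -> int:
    """SHA-1 invocations every validator spends per name: iterations + 1."""
    return iterations + 1


def nsec3param_findings(iterations: int, salt_hex: str, max_iterations: int = 10) -> list:
    """Policy check using the thread's thresholds (this note's construct, not RFC text):
    flag a non-empty fixed salt and iteration counts above max_iterations."""
    findings = []
    if salt_hex not in ("", "-"):
        findings.append("non-empty salt: the owner name already salts the hash, "
                        "so a fixed salt adds nothing unless it is rotated")
    if iterations > max_iterations:
        findings.append(f"{iterations} iterations > {max_iterations}: every validator pays "
                        f"{sha1_calls_per_name(iterations)} SHA-1 calls per name")
    return findings


if __name__ == "__main__":
    # RFC 5155 Appendix A parameters: salt aabbccdd, 12 iterations, apex name "example."
    print(nsec3_hash("example", "aabbccdd", 12))
    # Same leftmost label under two zones: different hashes with no salt at all.
    print(nsec3_hash("www.example", "", 0), nsec3_hash("www.example.net", "", 0))
    for finding in nsec3param_findings(100, "aabbccdd"):
        print("finding:", finding)
```

Running the script prints the Appendix A hash for the zone apex, two unrelated hashes for `www` under two different zones with an empty salt, and two findings for the "100 iterations plus fixed salt" configuration the thread complains about.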