On Sun, 21 Feb 2010, Eric Rescorla wrote:

> On Sun, Feb 21, 2010 at 4:22 PM, Mark Andrews <ma...@isc.org> wrote:
> > Actually NSEC is technically better at proving non-existence. NSEC3
> > has a non-zero false positive rate due to the fact that the names
> > are hashed. NSEC has a zero false positive rate.
> >
> > This is not to say the false positive rate is high enough to stop
> > using NSEC3, but that it needs to be acknowledged.
>
> Unless I'm misreading the specifications, unless you're using an extremely
> poor or short hash function, the probability of false positive is vanishingly
> small (order 2^{-100}). This shouldn't be acknowledged, but rather
> should be ignored. Moreover, it appears that NSEC3 has a mechanism
> for dealing with it in S C.2.1 (pointless, IMO...)
>
> So, I don't see what the issue is.
+1, total and complete agreement. I am adamantly opposed to including any
text about SHA1 hash collisions in an NSEC3 context.

Matt

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
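The two points argued above (a hash collision would make a non-existent name look like an existing one, and the signer can simply re-salt when it detects one at signing time) are concrete enough to show in code. The following is an added example, not code from the thread or from any DNS implementation: it computes RFC 5155 NSEC3 hashed owner names (SHA-1 over the wire-format name plus salt, repeated `iterations` extra times, base32hex), builds the hashed chain for a zone while rejecting any salt under which two owner names collide, and shows the resolver-side lookup where a query hash equal to an owner hash is reported as a match. The `short_hash` helper is a deliberately truncated SHA-1 used only to make collisions observable with a handful of names; the `host0…host299` zone and the `choose_salt` retry loop are constructed for the example, and the RFC 5155 Appendix A vector (`example.`, salt `aabbccdd`, 12 iterations) is used to check the hash routine.

```python
"""NSEC3 owner-name hashing (RFC 5155 section 5) with the sign-time collision
check from its Appendix C.2.1 and a resolver-side covering lookup.
Added example; assumptions are marked in comments."""
import base64
import hashlib
import os

# Base32 with the Extended Hex alphabet (RFC 4648 section 7): string order
# equals byte order, so hashed names sort into chain order as plain strings.
_B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                        "0123456789ABCDEFGHIJKLMNOPQRSTUV")


def b32hex(raw: bytes) -> str:
    return base64.b32encode(raw).decode("ascii").translate(_B32HEX).rstrip("=").lower()


def wire_name(name: str) -> bytes:
    """Canonical wire form: lowercase labels, each length-prefixed, root label last."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def nsec3_hash(name: str, salt: bytes, iterations: int, digest=hashlib.sha1) -> str:
    """IH(salt, x, 0) = H(x || salt); IH(salt, x, k) = H(IH(salt, x, k-1) || salt)."""
    h = digest(wire_name(name) + salt).digest()
    for _ in range(iterations):          # 'iterations' ADDITIONAL applications
        h = digest(h + salt).digest()
    return b32hex(h)


class _Truncated:
    """Toy 'poor or short hash' for demonstration only: first n bytes of SHA-1."""
    def __init__(self, data: bytes, n: int):
        self._d = hashlib.sha1(data).digest()[:n]

    def digest(self) -> bytes:
        return self._d


def short_hash(n: int):
    return lambda data: _Truncated(data, n)


class HashCollision(ValueError):
    pass


def build_chain(names, salt: bytes, iterations: int, digest=hashlib.sha1):
    """Hash every owner name in the zone; refuse the salt if two names collide.
    Returns the chain as a list of (hashed_owner, name) sorted in chain order."""
    chain = {}
    for name in names:
        canon = name.lower().rstrip(".")
        h = nsec3_hash(canon, salt, iterations, digest)
        if h in chain and chain[h] != canon:
            raise HashCollision(f"{chain[h]} and {canon} both hash to {h}")
        chain[h] = canon
    return sorted(chain.items())


def choose_salt(names, iterations: int, digest=hashlib.sha1, max_tries=100, salt_len=4):
    """Signer side (RFC 5155 C.2.1): pick a random salt, rehash, and re-salt on
    collision. Returns (salt, chain, attempts). Assumed retry policy, not the RFC's."""
    for attempt in range(1, max_tries + 1):
        salt = os.urandom(salt_len)
        try:
            return salt, build_chain(names, salt, iterations, digest), attempt
        except HashCollision:
            continue
    raise HashCollision(f"no collision-free salt found in {max_tries} tries")


def denial(chain, qname: str, salt: bytes, iterations: int, digest=hashlib.sha1):
    """Resolver side. A query hash equal to an owner hash is a 'match' (a real
    name, or the false positive Mark describes if a collision slipped through);
    otherwise return the NSEC3 interval (owner, next) that covers the query."""
    h = nsec3_hash(qname, salt, iterations, digest)
    hashes = [owner for owner, _ in chain]
    if h in hashes:
        return ("match", chain[hashes.index(h)][1])
    below = [owner for owner in hashes if owner < h]
    idx = hashes.index(below[-1]) if below else len(hashes) - 1  # wrap at zone end
    return ("covered", chain[idx][1], hashes[(idx + 1) % len(hashes)])


if __name__ == "__main__":
    zone = ["example."] + [f"host{i}.example." for i in range(300)]  # constructed zone
    salt, chain, tries = choose_salt(zone, iterations=0)
    print(f"SHA-1: {len(chain)} hashed owners, collision-free on attempt {tries}")
    print(denial(chain, "host7.example.", salt, 0))
    print(denial(chain, "nope.example.", salt, 0))
```

Run as a script it signs the constructed zone with full SHA-1 (which never needs a second salt in practice) and shows one existing and one non-existent query. Swapping `digest=short_hash(1)` into `build_chain` with the same 301 names forces a collision by pigeonhole and makes the C.2.1 re-salt path fire, which is the only way to see it without a broken hash function.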