On Thursday, March 12, 2015 11:31:37 AM Florian Weimer wrote:
> On 03/12/2015 11:15 AM, Jan Včelák wrote:
> > On Wednesday, March 11, 2015 09:52:55 AM Nicholas Weaver wrote:
> >> Why not just do something simpler? The only thing NSEC5 really differs
> >> in a way that counts is not in the NSEC record but really just the
> >> DNSKEY handling, having a separate key used for signing the NSEC*
> >> records.
> >>
> >> So why define NSEC5 at all.
> >>
> >> Instead, just specify a separate flag for the DNSKEY record, "NSEC-only",
> >> sign the NSEC3 dynamically, bada bing, bada boom, done!
> >
> > This would not work. Anyone holding the NSEC-only private key could fake
> > denying answers for the zone. So if your zone is slaved by a less-trusted
> > party, they could still manipulate your zone. This is not possible with
> > NSEC5.
>
> They can still respond with SERVFAIL instead of supplying a signed
> answer, achieving roughly the same result.
>
> A better argument would be support for opt out, where signatures from
> the online key could introduce unauthorized positive answers. It's
> still not a very strong argument, admittedly. The DNS software itself
> is likely signed by a key which is kept online (more or less). Online
> keys are less threatening than they used to be, and we aren't even
> talking about long-term keys baked into software, but short/medium-term
> keys which are easily replaced.
>
> And does anyone actually use opt out with NSEC3?
Yes, .com for example. My impression was that Opt-Out was the selling point of NSEC3, not the domain name hashing.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
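The Opt-Out point raised in the quoted message, worked through as an added example (this is not part of the thread and not any poster's code): a minimal RFC 5155 NSEC3 hasher plus the validator's match/cover logic for an unsigned referral, run over the same toy zone with and without the Opt-Out flag. The zone contents, the `aabbccdd` salt, the iteration count and the `example.` names are all constructed for the illustration; the RRSIG checks that would precede this logic in a real validator are assumed to have passed.

```python
"""NSEC3 hashing (RFC 5155) and how a validator treats an unsigned referral,
with and without Opt-Out. Added illustration over constructed zone data."""
import base64
import hashlib
from dataclasses import dataclass

# base64.b32encode emits the RFC 4648 base32 alphabet; NSEC3 uses base32hex.
_TO_B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                           "0123456789ABCDEFGHIJKLMNOPQRSTUV")


def wire_name(name: str) -> bytes:
    """Canonical wire form: lowercase, length-prefixed labels, then the root label."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """RFC 5155 s.5: IH(0)=SHA-1(name||salt), IH(k)=SHA-1(IH(k-1)||salt); base32hex."""
    digest = hashlib.sha1(wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).decode("ascii").translate(_TO_B32HEX).lower()


@dataclass(frozen=True)
class Nsec3:
    owner_hash: str      # hashed owner name (label in front of the zone name)
    next_hash: str       # Next Hashed Owner Name field
    opt_out: bool        # Flags bit 0
    types: frozenset     # Type Bit Maps field

    def matches(self, h: str) -> bool:
        return self.owner_hash == h

    def covers(self, h: str) -> bool:
        """h sorts strictly between owner and next; the last record wraps to the first."""
        if self.owner_hash < self.next_hash:
            return self.owner_hash < h < self.next_hash
        return h > self.owner_hash or h < self.next_hash


def build_chain(names: dict, salt: bytes, iterations: int, opt_out: bool) -> list:
    """Signer side (toy): hash every signed name, sort, link each record to the next."""
    hashed = sorted((nsec3_hash(n, salt, iterations), frozenset(t)) for n, t in names.items())
    return [Nsec3(h, hashed[(i + 1) % len(hashed)][0], opt_out, t)
            for i, (h, t) in enumerate(hashed)]


def classify_referral(chain: list, delegated_name: str, salt: bytes, iterations: int):
    """Validator side, simplified from RFC 5155 s.8.9: the parent answered with NS for
    delegated_name but no DS and no DS RRSIG, and the NSEC3 RRs in `chain` validated.
    Returns (verdict, reason); 'insecure' accepts the unsigned referral, 'bogus' rejects it."""
    h = nsec3_hash(delegated_name, salt, iterations)
    for rr in chain:
        if rr.matches(h):
            if "DS" in rr.types:
                return "bogus", "matching NSEC3 lists DS: the DS RRset was stripped"
            if "NS" in rr.types:
                return "insecure", "matching NSEC3 has NS without DS: proven unsigned delegation"
            return "bogus", "matching NSEC3 shows no delegation at this name"
    for rr in chain:
        if rr.covers(h):
            if rr.opt_out:
                return "insecure", "covering NSEC3 has Opt-Out: an unsigned delegation may exist"
            return "bogus", "covering NSEC3 without Opt-Out proves the name does not exist"
    return "bogus", "no NSEC3 matches or covers the name"


# Constructed zone: reserved example name, made-up salt and iteration count.
SALT = bytes.fromhex("aabbccdd")
ITERATIONS = 12
ZONE = {
    "example.": {"SOA", "NS", "DNSKEY", "NSEC3PARAM"},
    "a.example.": {"NS", "DS"},   # secure delegation, DS present
    "ns1.example.": {"A"},
}


def demo() -> dict:
    """Same zone, chain built with and without Opt-Out, probed with unsigned referrals."""
    no_optout = build_chain(ZONE, SALT, ITERATIONS, opt_out=False)
    with_optout = build_chain(ZONE, SALT, ITERATIONS, opt_out=True)
    return {
        # DS exists for a.example: a referral without it is rejected either way
        "a_without_ds": classify_referral(no_optout, "a.example.", SALT, ITERATIONS)[0],
        # a delegation the zone never signed: rejected without Opt-Out ...
        "unlisted_no_optout": classify_referral(no_optout, "unlisted.example.", SALT, ITERATIONS)[0],
        # ... accepted as insecure once the covering NSEC3 carries Opt-Out
        "unlisted_optout": classify_referral(with_optout, "unlisted.example.", SALT, ITERATIONS)[0],
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The two `unlisted` cases are the crux of the argument. Without Opt-Out, an NSEC3 record that covers an unlisted name only ever proves non-existence, so a key limited to signing NSEC3 cannot make a validator accept a delegation the zone never had. With Opt-Out, the very same covering record, once its flag bit is set, makes the validator accept an unsigned referral for that name, which is what "unauthorized positive answers" refers to above. The SERVFAIL-style denial of service mentioned in the same message is outside what NSEC3 or NSEC5 can address and is not modelled here.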