> On Sep 29, 2020, at 6:42 AM, libor.peltan <libor.pel...@nic.cz> wrote:
>
> Hi Joe,
>
> On 29.09.20 at 15:03 Joe Abley wrote:
>> The other use case I seem to think you're implying is that a consumer of the
>> signed zone could verify that it was intact using the signed-zone ZONEMD,
>> then strip the DNSSEC RRs and retain the ability to verify that the result
>> was an accurate representation of the unsigned zone using the unsigned-zone
>> ZONEMD. This seems like a slightly odd thing to want to do, but perhaps I'm
>> just not thinking hard enough?
>>
>>
>> Joe
>
> Yes, something like this.
>
> My initial thought was that the signer, which converts the unsigned zone by
> adding signatures and keys, might not be able to compute/update the ZONEMD
> record.
>
> It might also be useful, when the zone is only re-signed and otherwise
> unchanged, if the zone checksum was unchanged.
>
> I'm not sure. This is just a thing to be thought of.
>
> I would love it if there were a bit flag indicating whether the checksum has been
> computed including DNSSEC records, or without them. This would leave the
> freedom of choice to the users, while adding some complexity to software
> implementation.
>
> Thanks for consideration,
>
> Libor
Joe's response was very good, especially with respect to signed and unsigned being two different zones.

During the working group discussions, we often heard the opinion that ZONEMD is not reliable without DNSSEC signatures. Without a signature on the ZONEMD record, an adversary can easily change the digest to match changes to zone content. I expect in most cases digest calculation will be done at the same time as zone signing.

There is no flags field, but you could probably accomplish your goal with a new or private use scheme code point. That is, you could define a collation scheme that excludes DNSSEC RR types during digest calculation.

If there were a proposal to standardize such a scheme, the concern I would have is that it complicates the meaning of zone digest verification. It would essentially be verifying a subset of the zone, which is not as strong as verifying the full zone.

DW
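The two points in the thread can be made concrete with a small model. The following is an added example, not code from either poster: it models a ZONEMD-style digest over a constructed sample zone, using RFC 8976's real code points for the SIMPLE scheme (1) and SHA-384 (1), plus a hypothetical private-use scheme (240, chosen from the 240-255 private-use range) that skips DNSSEC RR types, as DW suggests. It serializes RRs as canonical text lines rather than the DNS wire format RFC 8976 actually hashes, and the "signatures" are constructed placeholder blobs, so it is a model of the behaviour, not a conformant implementation. It shows that re-signing changes the SIMPLE digest but leaves the DNSSEC-excluding digest equal to the unsigned zone's, and that an unsigned ZONEMD record detects a tampered A record only until the attacker recomputes the digest, which is exactly why the record needs an RRSIG over it.

```python
import hashlib

# Assumptions for this model (not from RFC 8976): which RR types a hypothetical
# "exclude DNSSEC" collation scheme would skip, and the private-use code it uses.
DNSSEC_TYPES = {"DNSKEY", "RRSIG", "NSEC", "NSEC3", "NSEC3PARAM", "CDS", "CDNSKEY"}
SCHEME_SIMPLE = 1              # RFC 8976 SIMPLE scheme
SCHEME_PRIVATE_NO_DNSSEC = 240 # hypothetical, in RFC 8976's private-use range 240-255
HASH_SHA384 = 1                # RFC 8976 hash algorithm 1 = SHA-384

# Constructed sample zone; each RR is (owner, ttl, type, rdata).
UNSIGNED_ZONE = [
    ("example.", 86400, "SOA", "ns1.example. admin.example. 2020092901 7200 3600 1209600 3600"),
    ("example.", 86400, "NS", "ns1.example."),
    ("ns1.example.", 3600, "A", "192.0.2.1"),
    ("www.example.", 3600, "A", "192.0.2.10"),
]


def canonical_key(rr):
    """Sort owners by reversed lower-cased labels, then type, then rdata."""
    owner, _ttl, rtype, rdata = rr
    labels = owner.lower().rstrip(".").split(".")
    return (tuple(reversed(labels)), rtype, rdata)


def zone_digest(rrs, scheme=SCHEME_SIMPLE):
    """SHA-384 over canonically ordered RRs serialized as text (simplification of
    RFC 8976 wire-format hashing). The apex ZONEMD itself is never covered;
    the RRSIG over ZONEMD, which RFC 8976 also excludes, is not modelled here."""
    rows = []
    for owner, ttl, rtype, rdata in sorted(rrs, key=canonical_key):
        if rtype == "ZONEMD":
            continue
        if scheme == SCHEME_PRIVATE_NO_DNSSEC and rtype in DNSSEC_TYPES:
            continue
        rows.append(f"{owner.lower()} {ttl} {rtype} {rdata}")
    return hashlib.sha384("\n".join(rows).encode()).hexdigest()


def soa_serial(rrs):
    soa = next(rr for rr in rrs if rr[2] == "SOA")
    return soa[3].split()[2]


def add_zonemd(rrs, scheme=SCHEME_SIMPLE):
    """Attach an apex ZONEMD RR: serial, scheme, hash algorithm, digest."""
    body = [rr for rr in rrs if rr[2] != "ZONEMD"]
    rdata = f"{soa_serial(body)} {scheme} {HASH_SHA384} {zone_digest(body, scheme)}"
    return body + [("example.", 86400, "ZONEMD", rdata)]


def verify_zonemd(rrs):
    """Recompute the digest with the scheme named in the record and compare."""
    zonemd = [rr for rr in rrs if rr[2] == "ZONEMD"]
    if len(zonemd) != 1:
        return False
    serial, scheme, hashalg, digest = zonemd[0][3].split()
    if serial != soa_serial(rrs) or int(hashalg) != HASH_SHA384:
        return False
    return digest == zone_digest(rrs, int(scheme))


def resign(rrs, sig_tag):
    """Model re-signing: replace DNSKEY/RRSIG with fresh constructed blobs.
    sig_tag stands in for the fresh signature bytes a real signer would produce."""
    base = [rr for rr in rrs if rr[2] not in ("DNSKEY", "RRSIG")]
    signed = base + [("example.", 3600, "DNSKEY", "257 3 13 constructed-key")]
    rrsets = sorted({(o, t, ty) for o, t, ty, _ in signed})
    for owner, ttl, rtype in rrsets:
        signed.append((owner, ttl, "RRSIG", f"{rtype} 13 2 {ttl} constructed-sig-{sig_tag}"))
    return signed


def resign_effect():
    """Same content signed twice: SIMPLE digest moves, DNSSEC-excluding digest does not."""
    a, b = resign(UNSIGNED_ZONE, "a"), resign(UNSIGNED_ZONE, "b")
    excl_a = zone_digest(a, SCHEME_PRIVATE_NO_DNSSEC)
    excl_b = zone_digest(b, SCHEME_PRIVATE_NO_DNSSEC)
    return {
        "simple_changes_on_resign": zone_digest(a) != zone_digest(b),
        "no_dnssec_stable_on_resign": excl_a == excl_b,
        "no_dnssec_equals_unsigned_zone": excl_a == zone_digest(UNSIGNED_ZONE),
    }


def tamper_effect():
    """Without an RRSIG over ZONEMD, an attacker who edits the zone can rewrite the digest."""
    published = add_zonemd(UNSIGNED_ZONE)
    tampered = [("www.example.", 3600, "A", "203.0.113.66")
                if rr[:3] == ("www.example.", 3600, "A") else rr for rr in published]
    recomputed = add_zonemd(tampered)  # attacker also recomputes the unsigned digest
    return {
        "original_verifies": verify_zonemd(published),
        "tamper_detected": not verify_zonemd(tampered),
        "rewritten_digest_passes": verify_zonemd(recomputed),
    }


if __name__ == "__main__":
    print(resign_effect())
    print(tamper_effect())
```

The last result is the thread's core caution in code: `verify_zonemd` alone cannot distinguish the publisher's zone from an attacker's rewritten one, so the ZONEMD RRset must be covered by a DNSSEC signature that the consumer validates. The private-use scheme does give Libor's re-sign stability, at the cost DW names: it attests only to the non-DNSSEC subset of the zone.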
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop