On Thu, Oct 8, 2020 at 7:18 AM Robert Wilton via Datatracker
<nore...@ietf.org> wrote:
> Robert Wilton has entered the following ballot position for
> draft-ietf-dnsop-dns-zone-digest-12: No Objection
>
> ...
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> ...
>
>     2.2.4.  The Digest Field
>
>        The Digest field MUST NOT be shorter than 12 octets.  Digests for the
>        SHA384 and SHA512 hash algorithms specified herein are never
>        truncated.  Digests for future hash algorithms MAY be truncated, but
>        MUST NOT be truncated to a length that results in less than 96-bits
>        (12 octets) of equivalent strength.
>
> When I read this, I wonder why the limit of 12 bytes was chosen.  Possibly a
> sentence that justifies why this value was chosen might be useful, noting that
> the two suggested algorithms have significantly longer digests.

To me, the purpose of the limit is to establish a minimum strength
against brute force attacks. Of course, the hash algorithm also has to
be strong but the length of the Digest field puts a sharp limit on the
strength of a ZONEMD.

Note that for the same reason there is a similar provision from 2006
in RFC 4635, Section 3.1, point 4, which sets a minimum size of 10
bytes for the hashes that appear in TSIG RRs.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e...@gmail.com

>     ...
>
> Regards,
> Rob
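As an added illustration of the Digest field rules under discussion (this is example code written for this thread, not part of the draft or any IETF implementation): the checker below parses a ZONEMD RDATA, enforces the 12-octet floor and the no-truncation rule for SHA384/SHA512, and reports the brute-force bound that the field length imposes. The wire layout (32-bit serial, 8-bit scheme, 8-bit hash algorithm, then the digest) and the code points 1 = SHA384, 2 = SHA512 are taken from the published ZONEMD specification and are assumptions not stated on this page; the sample zone data is constructed.

```python
import hashlib
import struct

# Hash algorithm code points and full digest sizes (assumption: taken from the
# published ZONEMD spec, not from this thread). Unknown values are "future" algorithms.
HASH_ALGORITHMS = {1: ("SHA384", 48), 2: ("SHA512", 64)}

# The floor from Section 2.2.4: 12 octets, i.e. 96 bits.
MIN_DIGEST_OCTETS = 12


def build_zonemd_rdata(serial: int, scheme: int, hash_alg: int, digest: bytes) -> bytes:
    """Assemble ZONEMD RDATA in the assumed wire layout (helper for the examples/tests)."""
    return struct.pack("!IBB", serial, scheme, hash_alg) + digest


def parse_zonemd_rdata(rdata: bytes):
    """Split ZONEMD RDATA into (serial, scheme, hash_alg, digest).

    Assumed layout: 32-bit serial, 8-bit scheme, 8-bit hash algorithm, variable digest.
    """
    if len(rdata) < 6:
        raise ValueError("ZONEMD RDATA shorter than its 6-octet fixed header")
    serial, scheme, hash_alg = struct.unpack("!IBB", rdata[:6])
    return serial, scheme, hash_alg, rdata[6:]


def check_digest_length(hash_alg: int, digest: bytes) -> str:
    """Apply the Digest field rules quoted in the thread and return a verdict string."""
    # Rule 1: the field MUST NOT be shorter than 12 octets, whatever the algorithm.
    if len(digest) < MIN_DIGEST_OCTETS:
        return "reject: digest shorter than 12 octets"
    # Rule 2: SHA384 and SHA512 digests are never truncated, so the length is exact.
    if hash_alg in HASH_ALGORITHMS:
        name, full = HASH_ALGORITHMS[hash_alg]
        if len(digest) != full:
            return f"reject: {name} digest must be exactly {full} octets, got {len(digest)}"
        return f"ok: untruncated {name}"
    # Rule 3: a future algorithm MAY truncate, as long as the 12-octet floor holds.
    # A validator that does not know the algorithm can only accept the record as
    # well-formed; it cannot verify the zone against it.
    return f"ok: unknown algorithm {hash_alg}, {len(digest)}-octet digest accepted (cannot verify)"


def brute_force_bound_bits(digest: bytes) -> int:
    """Work bound imposed by the field length alone: 8 bits per digest octet.

    This is Donald's point: no matter how strong the hash, an attacker looking for a
    colliding zone needs at most about 2**(8*len) guesses against a len-octet digest.
    """
    return 8 * len(digest)


if __name__ == "__main__":
    # Constructed sample: a fake serialized zone and its SHA384 digest.
    zone_bytes = b"example. 3600 IN SOA ns1.example. admin.example. 2020100800 ... (constructed)"
    digest = hashlib.sha384(zone_bytes).digest()
    rdata = build_zonemd_rdata(2020100800, 1, 1, digest)
    serial, scheme, hash_alg, parsed_digest = parse_zonemd_rdata(rdata)
    print(serial, scheme, hash_alg, len(parsed_digest), check_digest_length(hash_alg, parsed_digest))
    # A truncated SHA384 is rejected even though it exceeds the 12-octet floor.
    print(check_digest_length(1, digest[:24]))
    # A hypothetical future algorithm may truncate down to, but not below, 12 octets.
    print(check_digest_length(200, digest[:12]), brute_force_bound_bits(digest[:12]))
    print(check_digest_length(200, digest[:11]))
```

The verdict for an unknown algorithm is deliberately "well-formed but unverifiable": the length rules can be checked by any resolver, but the zone itself can only be verified by one that implements the algorithm.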

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop