On Thu, Oct 8, 2020 at 7:18 AM Robert Wilton via Datatracker <nore...@ietf.org> wrote:
> Robert Wilton has entered the following ballot position for
> draft-ietf-dnsop-dns-zone-digest-12: No Objection
>
> ...
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> ...
>
> 2.2.4. The Digest Field
>
> The Digest field MUST NOT be shorter than 12 octets. Digests for the
> SHA384 and SHA512 hash algorithms specified herein are never
> truncated. Digests for future hash algorithms MAY be truncated, but
> MUST NOT be truncated to a length that results in less than 96-bits
> (12 octets) of equivalent strength.
>
> When I read this, I wonder why the limit of 12 bytes was chosen. Possibly a
> sentence that justifies why this value was chosen might be useful, noting that
> the two suggested algorithms have significantly longer digests.
To me, the purpose of the limit is to establish a minimum strength against brute force attacks. Of course, the hash algorithm also has to be strong, but the length of the Digest field puts a sharp limit on the strength of a ZONEMD. Note that for the same reason there is a similar provision from 2006 in RFC 4635, Section 3.1, point 4, which sets a minimum size of 10 bytes for the hashes that appear in TSIG RRs.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e...@gmail.com

> ...
>
> Regards,
> Rob

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
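The length rules quoted from Section 2.2.4 and the brute-force rationale in the reply above, as an added validation example. This is not code from the draft, from either poster, or from any DNS implementation. It assumes the ZONEMD RDATA layout Serial (4 octets), Scheme (1), Hash Algorithm (1), Digest (remainder) and the codepoints Hash Algorithm 1 = SHA384 and 2 = SHA512 as registered by the published RFC; the quoted draft text names the algorithms but does not list those numbers. The sample RDATA is constructed, not taken from any real zone.

```python
"""Check a ZONEMD Digest field against the quoted length rules.

Added example (not the draft's or the list's code). Assumes the
RFC 8976 codepoints: Hash Algorithm 1 = SHA384, 2 = SHA512.
"""
import hashlib
import struct

# "The Digest field MUST NOT be shorter than 12 octets" (96 bits).
MIN_DIGEST_OCTETS = 12

# Hash Algorithm codepoint -> (name, full digest length in octets, truncation allowed).
# Per the quoted text, SHA384 and SHA512 digests are never truncated.
HASH_ALGS = {
    1: ("SHA384", hashlib.sha384().digest_size, False),
    2: ("SHA512", hashlib.sha512().digest_size, False),
}


def check_digest_length(hash_alg, digest):
    """Return (ok, reason) for a Digest field under the quoted rules."""
    n = len(digest)
    if n < MIN_DIGEST_OCTETS:
        return False, f"digest is {n} octets, below the {MIN_DIGEST_OCTETS}-octet floor"
    if hash_alg in HASH_ALGS:
        name, full, truncatable = HASH_ALGS[hash_alg]
        if n != full and not truncatable:
            return False, f"{name} digests are never truncated; expected {full} octets, got {n}"
        return True, f"{name} digest of {n} octets"
    # Unknown or future hash algorithm: only the floor can be enforced here.
    # A verifier that does not implement the algorithm cannot verify the digest.
    return True, f"unknown hash algorithm {hash_alg}: {n} octets meets the floor, cannot verify"


def parse_zonemd_rdata(rdata):
    """Split ZONEMD RDATA into (serial, scheme, hash_alg, digest)."""
    if len(rdata) < 6:
        raise ValueError("ZONEMD RDATA too short for the fixed fields")
    serial, scheme, hash_alg = struct.unpack("!IBB", rdata[:6])
    return serial, scheme, hash_alg, rdata[6:]


def brute_force_bits(digest_len, hash_alg):
    """Equivalent brute-force strength in bits.

    The field length caps the strength regardless of the hash: an attacker
    needs about 2^(8 * digest_len) trials to find a colliding digest, and no
    more than 2^(output bits) for a known algorithm.
    """
    cap = 8 * digest_len
    if hash_alg in HASH_ALGS:
        return min(cap, 8 * HASH_ALGS[hash_alg][1])
    return cap


# Constructed sample RDATA: serial 2020100800, scheme 1, hash algorithm 1 (SHA384).
SAMPLE_DIGEST = hashlib.sha384(b"constructed zone data, not a real zone").digest()
SAMPLE_RDATA = struct.pack("!IBB", 2020100800, 1, 1) + SAMPLE_DIGEST

if __name__ == "__main__":
    serial, scheme, alg, digest = parse_zonemd_rdata(SAMPLE_RDATA)
    print(serial, scheme, alg, check_digest_length(alg, digest))
    print("strength (bits):", brute_force_bits(len(digest), alg))
    # A 12-octet digest for a hypothetical future algorithm sits exactly at the floor.
    print(check_digest_length(99, b"\x00" * 12), brute_force_bits(12, 99))
```

The point the reply makes is visible in `brute_force_bits`: a 12-octet field gives at most 96 bits of work no matter how strong the underlying hash is, which is why the floor is expressed in octets of the field rather than in properties of the algorithm.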