On Tue, 23 Feb 2021, Ben Schwartz wrote:
> Inspired by some recent discussions here (and at DNS-OARC), and hastened by the draft cut-off, I present for your consideration "DNSSEC Strict Mode":
> https://datatracker.ietf.org/doc/html/draft-schwartz-dnsop-dnssec-strict-mode-00
>
> Abstract: Currently, the DNSSEC security of a zone is limited by the strength of its weakest signature algorithm. DNSSEC Strict Mode makes zones as secure as their strongest algorithm instead.
But why is that a problem? I assume that:

1) A regular zone has 1 algorithm
2) If there are two algorithms, the zone is moving from one to another
3) Accepting the outgoing algorithm during the migration is basically harmless

Am I making a wrong assumption here?

Also, we went out of our way to avoid specifying which algorithm is "weaker" or "stronger", for good reasons, as people will disagree on this, but the code path has to put something in. Better not to have this assumption baked in at all. Case in point: "harden-algo-downgrade: yes" in unbound deems ecdsap256sha256 to be a downgrade from rsasha256.

Paul

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
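As an added illustration of the "weakest algorithm" point in the abstract and of Paul's question about dual-algorithm zones (example code written for this page, not taken from the draft, from unbound, or from either poster): a toy Go validator checks a zone that signs with both RSASHA256 (8) and ECDSAP256SHA256 (13). ValidateLenient is the current rule (RFC 6840 section 5.11: one valid RRSIG from any supported algorithm is enough). ValidateStrict requires a valid RRSIG for every algorithm the zone advertises and the validator supports, which is the goal the draft states, not its exact signalling mechanism. The RRset text, the record names, and the assumption that the attacker holds the RSA private key (standing in for "the weaker algorithm is broken") are constructed; DNSKEY/DS/RRSIG wire formats and RRset canonicalisation are left out.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// DNSSEC algorithm numbers (IANA registry): RSASHA256 = 8, ECDSAP256SHA256 = 13.
const AlgRSASHA256, AlgECDSAP256SHA256 uint8 = 8, 13

// RRSIG stands in for one RRSIG record: its algorithm and the raw signature.
type RRSIG struct{ Alg uint8; Sig []byte }

// ZoneKeys is the validator's view of the zone's DNSKEY set, one public key per
// advertised algorithm (constructed model; DNSKEY/DS wire parsing is omitted).
type ZoneKeys struct{ RSA *rsa.PublicKey; EC *ecdsa.PublicKey }

// verifyOne checks a single RRSIG over the (already canonicalised) RRset bytes.
func verifyOne(z ZoneKeys, rrset []byte, s RRSIG) bool {
	h := sha256.Sum256(rrset)
	switch s.Alg {
	case AlgRSASHA256:
		return rsa.VerifyPKCS1v15(z.RSA, crypto.SHA256, h[:], s.Sig) == nil
	case AlgECDSAP256SHA256:
		return ecdsa.VerifyASN1(z.EC, h[:], s.Sig)
	}
	return false // unsupported algorithm: this RRSIG proves nothing
}

// ValidateLenient is today's rule: one valid RRSIG from any supported algorithm
// proves the RRset, so the zone is only as strong as its weakest algorithm.
func ValidateLenient(z ZoneKeys, rrset []byte, sigs []RRSIG) bool {
	for _, s := range sigs {
		if verifyOne(z, rrset, s) {
			return true
		}
	}
	return false
}

// ValidateStrict models the draft's goal: every advertised algorithm the validator
// supports needs a valid RRSIG, so forging one and stripping the rest is not enough.
func ValidateStrict(z ZoneKeys, rrset []byte, sigs []RRSIG) bool {
	for _, alg := range []uint8{AlgRSASHA256, AlgECDSAP256SHA256} {
		signed := false
		for _, s := range sigs {
			if s.Alg == alg && verifyOne(z, rrset, s) {
				signed = true
			}
		}
		if !signed {
			return false
		}
	}
	return true
}

// sign produces one RRSIG over the RRset. rsa.PrivateKey.Sign with crypto.SHA256
// yields PKCS#1 v1.5; ecdsa.PrivateKey.Sign yields an ASN.1 DER signature.
func sign(k crypto.Signer, alg uint8, rrset []byte) (RRSIG, error) {
	h := sha256.Sum256(rrset)
	sig, err := k.Sign(rand.Reader, h[:], crypto.SHA256)
	return RRSIG{alg, sig}, err
}

type Outcome struct{ GenuineLenient, GenuineStrict, ForgedLenient, ForgedStrict bool }

// Scenario: the zone signs with both algorithms. The attacker is assumed to hold the
// RSA private key (constructed stand-in for "the weaker algorithm is broken"), forges
// an A record, signs it with RSA only and drops the ECDSA RRSIG.
func Scenario() (Outcome, error) {
	rsaKey, errR := rsa.GenerateKey(rand.Reader, 2048)
	ecKey, errE := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if errR != nil || errE != nil {
		return Outcome{}, fmt.Errorf("keygen: %v %v", errR, errE)
	}
	zone := ZoneKeys{RSA: &rsaKey.PublicKey, EC: &ecKey.PublicKey}
	genuine := []byte("www.example. 300 IN A 192.0.2.1")    // constructed RRset
	forged := []byte("www.example. 300 IN A 198.51.100.66") // attacker's RRset
	gRSA, e1 := sign(rsaKey, AlgRSASHA256, genuine)
	gEC, e2 := sign(ecKey, AlgECDSAP256SHA256, genuine)
	fRSA, e3 := sign(rsaKey, AlgRSASHA256, forged) // only the compromised algorithm signs
	if e1 != nil || e2 != nil || e3 != nil {
		return Outcome{}, fmt.Errorf("sign: %v %v %v", e1, e2, e3)
	}
	good, bad := []RRSIG{gRSA, gEC}, []RRSIG{fRSA}
	return Outcome{
		GenuineLenient: ValidateLenient(zone, genuine, good),
		GenuineStrict:  ValidateStrict(zone, genuine, good),
		ForgedLenient:  ValidateLenient(zone, forged, bad),
		ForgedStrict:   ValidateStrict(zone, forged, bad),
	}, nil
}
```

The genuine RRset passes both policies; the RSA-only forgery passes ValidateLenient and fails ValidateStrict. The same strict check also shows the cost Paul is pointing at: a zone that still advertises an outgoing algorithm but has stopped producing RRSIGs for it fails ValidateStrict, which is the signer-side requirement unbound's documentation attaches to harden-algo-downgrade.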