On 14. 02. 24 14:37, Joe Abley wrote:
Op 14 feb 2024 om 13:46 heeft Edward Lewis <edward.le...@icann.org> het
volgende geschreven:
On 2/14/24, 04:40, "DNSOP on behalf of Petr Špaček" <dnsop-boun...@ietf.org on
behalf of pspa...@isc.org> wrote:
In my mind this is good enough reason to outlaw keytag collisions -
without them it would be _much_ easier to implement reasonable limits
without risk of breaking legitimate clients.
That would make key tags meaningful. ;--)
The question is how, in a multi-signer friendly way.
To be honest it feels like there as many opportunities for accidents by
imposing restrictions on publishing duplicate keytags as there are by consuming
them. Your text summarised a few of them quite nicely, Ed, without even
considering the new opportunities for failure due to the interplay between
systems following any new rules that might be imposed and those that don't.
Is the triggering incident not just another cautionary note that we learn from?
Why is this particular incident a sign that we need to change the protocol when
so many others have not been?
These seem like questions that deserve convincing answers before jumping ahead
to how a new restriction might be structured.
Let me turn the question around:
How many keytag collisions are you willing to allow & at the same time
protect validators from 2023-50387?
--
Petr Špaček
Internet Systems Consortium
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
