On Jul 25, 2024, at 17:34, Shumon Huque <shu...@gmail.com> wrote:
>
> Folks,
>
> For discussion ...
>
> Mark Andrews, Elias Heftrig, and I have a new draft on collision free key
> tags in DNSSEC. This topic has been in the air since the Keytrap
> vulnerability disclosure -- and IETF120 hallway track conversations this week
> prompted us to write up a rough initial proposal for this. Will need much
> more fleshing out of details etc, but we hope this can serve as a starting
> point ...
>
> https://datatracker.ietf.org/doc/html/draft-huque-dnsop-keytags-00
The problems are listed as:

    Colliding key tags impose additional work on a validating resolver, which then has to check signatures for each of the candidate set of keys identified by the Key Tag. Furthermore, they open up resolvers to computational denial of service attacks by adversaries deploying specially crafted zones with many intentionally colliding key tags [KEYTRAP].

The main part of the proposed solution is listed as:

    DNSKEY algorithms MUST have DNSKEY RRsets that do not have colliding key tags

There is a mismatch here. If the worry is an attacker creating colliding key tags to cause more work, that attacker is simply going to ignore the MUST requirement.

--Paul Hoffman

_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
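Added example, not code from the thread or from the draft: the RFC 4034 Appendix B key tag computation, a collision check over a constructed DNSKEY RRset, and a validator-side cap on how many candidate keys a single tag may select, which is the kind of resolver-local limit that does not depend on zone operators honouring the MUST. The sample keys and the cap value are assumptions.

```python
"""Key tag computation (RFC 4034 Appendix B) plus a resolver-side collision cap."""
import struct
from collections import defaultdict

# A DNSKEY record is modelled as (flags, protocol, algorithm, public_key bytes).
DNSKey = tuple


def key_tag(flags: int, protocol: int, algorithm: int, public_key: bytes) -> int:
    """Key tag over the DNSKEY RDATA, per RFC 4034 Appendix B.

    Algorithm 1 (RSA/MD5) uses a different, historic rule and is not handled here.
    The tag is a 16-bit ones'-complement-style sum, so swapping 16-bit words of the
    RDATA leaves it unchanged: that is why collisions are cheap to manufacture.
    """
    rdata = struct.pack(">HBB", flags, protocol, algorithm) + public_key
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def group_by_tag(rrset: list) -> dict:
    """Map key tag -> list of DNSKEY records in the RRset that share it."""
    groups = defaultdict(list)
    for key in rrset:
        groups[key_tag(*key)].append(key)
    return dict(groups)


def colliding_tags(rrset: list) -> list:
    """Key tags that more than one DNSKEY in the RRset maps to (zone-side audit)."""
    return sorted(tag for tag, keys in group_by_tag(rrset).items() if len(keys) > 1)


def candidate_keys(rrset: list, tag: int, max_candidates: int = 2) -> list:
    """Keys a validator would try for an RRSIG carrying `tag`, bounded by a local cap.

    The cap is a hypothetical resolver policy (an assumption, not from the draft):
    it limits signature-verification work even when a zone ignores the MUST.
    """
    keys = group_by_tag(rrset).get(tag, [])
    if len(keys) > max_candidates:
        raise ValueError(f"{len(keys)} DNSKEYs share key tag {tag}; cap is {max_candidates}")
    return keys


# Constructed sample RRset: two keys differ only by swapped 16-bit words, so they collide.
SAMPLE_RRSET = [
    (257, 3, 13, bytes([1, 2, 3, 4])),   # tag 2068
    (257, 3, 13, bytes([3, 4, 1, 2])),   # tag 2068 (collision)
    (256, 3, 13, bytes([9, 9, 9, 9])),   # distinct tag
]
```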