On 30/07/2021 17.30, Ben Schwartz wrote:
It seems like there's still interest in DS hacks.  Here's how I would do a DS hack.

1. Use the VERBATIM hash from https://datatracker.ietf.org/doc/html/draft-vandijk-dnsop-ds-digest-verbatim

2. Use a new Algorithm Number like https://datatracker.ietf.org/doc/html/draft-fujiwara-dnsop-delegation-information-signer-00. This number is named "DS Glue", and MUST only be used with the VERBATIM hash.

3. In the digest field, encode one "DS glue" record as follows:

struct DSGlueFakeDigest {
   uint16 rr_type;
   DNSName prefix;  // Labels prepended to the DS owner name.
   uint8[] rdata;
}

DS-glue-aware resolvers ignore any unsigned glue with this RR type and owner name.

So this is generic, and can store any record. We don't need TTL since this is just for glue and really shouldn't be cached, and we don't need class because we don't ever need class. 😉

This can't store out-of-bailiwick data, which means we can't secure an arbitrary NS RRset this way. Converting DNSName from "prefix" to just "name" would allow that. This seems useful as it would eliminate a potential means for an attacker to get you to connect to their servers (which is, spoofing a reply with a bogus NS RRset, since delegation NS are not signed in DNSSEC because DNS is stupid).

4. For ADoX, place NS records (with a prefix like "ns3.") and SVCB records (with a prefix like "_dns.ns3.") in the DS glue.


--
Shane
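
Putting the sketch above into code, as an added example that is not from Ben's message or either draft: a DSGlueFakeDigest encoder/decoder, the DS RDATA wrapper, and the resolver-side check that derives which unsigned glue to ignore. The VERBATIM digest type and "DS Glue" algorithm numbers are placeholders (neither is assigned in this thread), and the sample records for ns3.example.com are constructed.

```python
import struct

# Placeholder code points (constructed): no numbers are assigned here for the VERBATIM digest or DS Glue.
DIGEST_VERBATIM, ALG_DS_GLUE = 255, 255
TYPE_A, TYPE_SVCB = 1, 64

def encode_name(name: str) -> bytes:
    """Uncompressed wire-format name: length-prefixed labels, zero terminator."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def decode_name(buf: bytes, off: int):
    labels = []
    while (n := buf[off]) != 0:
        if n >= 64:  # compression pointers make no sense inside a DS digest
            raise ValueError("bad label length in DS glue")
        labels.append(buf[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1  # (dotted name, offset past the terminator)

def encode_ds_glue(rr_type: int, prefix: str, rdata: bytes) -> bytes:
    """DSGlueFakeDigest { uint16 rr_type; DNSName prefix; uint8[] rdata; }"""
    return struct.pack("!H", rr_type) + encode_name(prefix) + rdata

def decode_ds_glue(digest: bytes):
    (rr_type,) = struct.unpack("!H", digest[:2])
    prefix, off = decode_name(digest, 2)
    return rr_type, prefix, digest[off:]  # rdata runs to the end of the digest

def ds_rdata(digest: bytes, key_tag: int = 0) -> bytes:
    # RFC 4034 DS RDATA: key tag (meaningless for glue), algorithm, digest type, digest
    return struct.pack("!HBB", key_tag, ALG_DS_GLUE, DIGEST_VERBATIM) + digest

def glue_covered_by_ds(ds_owner: str, ds_rrset) -> set:
    """Resolver side: (owner, rr_type) pairs carried as signed DS glue; any
    unsigned glue in the referral matching one of them is to be ignored."""
    covered = set()
    for rd in ds_rrset:
        _key_tag, alg, dtype = struct.unpack("!HBB", rd[:4])
        if alg != ALG_DS_GLUE:
            continue  # ordinary DS record, leave it to normal validation
        if dtype != DIGEST_VERBATIM:
            raise ValueError("DS Glue MUST only be used with the VERBATIM hash")
        rr_type, prefix, _ = decode_ds_glue(rd[4:])
        covered.add((f"{prefix}.{ds_owner}" if prefix else ds_owner, rr_type))
    return covered

# Constructed sample: ADoX-style glue for ns3.example.com (A) and _dns.ns3 (SVCB, alpn=dot)
SVCB_DOT = struct.pack("!H", 1) + encode_name(".") + struct.pack("!HH", 1, 4) + b"\x03dot"
SAMPLE_DS = [ds_rdata(encode_ds_glue(TYPE_A, "ns3", bytes([192, 0, 2, 1]))),
             ds_rdata(encode_ds_glue(TYPE_SVCB, "_dns.ns3", SVCB_DOT))]
```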


_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
