* Paul Hoffman [2017-01-05 18:05]:
>> NSEC3 lies work today, but people worry that NSEC3 might have server
>> compromise compromise the ZSK.
>
> NSEC3 lies can also be created with pre-computing, but at a cost of
> greatly increasing the size of the zone.
NSEC/NSEC3 lies prevent enumeration effectively when they're minimally covering because it's infeasible to ever collect such a chain. A pre-computed chain does not provide the same benefit. It increases the enumeration cost in terms of network queries (CPU time is of less importance here because the collection process is network-bound except for the very last few NSEC3 records). Enumeration remains feasible with pre-computed chains unless you re-salt and re-sign the zone at an interval that is shorter than the duration needed to send one query for each NSEC3 record in a zone.

Regards,
Matt
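As an added illustration of the point above (example code written for this page, not from the thread, RFC 5155 or any DNS implementation), the following Python models a toy authoritative server in three configurations and measures how many real NSEC3 owner hashes a random-probe enumeration learns from each: a pre-computed chain, minimally covering ("white lie") denials, and a pre-computed chain that is re-salted more often than the chain can be collected. Zone names, salts, the probe strategy and the re-salt interval are constructed assumptions; names are hashed as plain text rather than DNS wire format, and the closest-encloser and wildcard NSEC3 records of a real NXDOMAIN answer are left out.

```python
import bisect
import hashlib
import random

# Constructed toy model: one NSEC3 record per name, no opt-out, SHA-1 over the
# lowercase text name (a simplification of the RFC 5155 wire-format hash).
HASH_SPACE = 1 << 160


def nsec3_hash(name, salt, iterations=0):
    """Iterated, salted SHA-1 in the style of RFC 5155; returns the hash as an int."""
    h = hashlib.sha1(name.lower().encode() + salt).digest()
    for _ in range(iterations):
        h = hashlib.sha1(h + salt).digest()
    return int.from_bytes(h, "big")


class Nsec3Zone:
    """Authoritative server for a signed zone; answers non-existent names with NSEC3."""

    def __init__(self, names, salt, white_lies=False, resalt_every=None):
        self.names = list(names)
        self.white_lies = white_lies          # synthesise minimally covering denials
        self.resalt_every = resalt_every      # re-salt/re-sign after this many queries
        self.queries_seen = 0
        self._salt_seq = 0
        self.salt = salt
        self._rebuild_chain()

    def _rebuild_chain(self):
        # Pre-computed chain: sorted owner hashes, each record pointing at the next one.
        self.chain = sorted(nsec3_hash(n, self.salt) for n in self.names)
        self.owner_hashes = set(self.chain)

    def resalt(self):
        # A fresh salt gives every name a new hash, so previously collected records
        # no longer describe the chain that is now being served.
        self._salt_seq += 1
        self.salt = b"salt-%d" % self._salt_seq
        self._rebuild_chain()

    def query(self, qname):
        """Return ('exists', hash) or ('covered', salt, owner_hash, next_hash)."""
        self.queries_seen += 1
        if self.resalt_every and self.queries_seen % self.resalt_every == 0:
            self.resalt()
        h = nsec3_hash(qname, self.salt)
        if h in self.owner_hashes:
            return ("exists", h)
        if self.white_lies:
            # Minimally covering record: only hash-1 .. hash+1, nothing about real names.
            return ("covered", self.salt, (h - 1) % HASH_SPACE, (h + 1) % HASH_SPACE)
        # Pre-computed chain: the record whose interval covers h, wrapping at the end.
        i = bisect.bisect_left(self.chain, h)
        owner = self.chain[i - 1] if i > 0 else self.chain[-1]
        nxt = self.chain[i % len(self.chain)]
        return ("covered", self.salt, owner, nxt)


def enumeration_attempt(zone, queries, seed=1):
    """Send `queries` random non-existent names; return the real owner hashes learned.

    Records are only useful while their salt is current, so a salt change discards
    everything collected so far.  This measures what a defender should assume leaks.
    """
    rng = random.Random(seed)
    learned, current_salt = set(), None
    for _ in range(queries):
        probe = "probe-%08x.example." % rng.getrandbits(32)   # never a zone name
        answer = zone.query(probe)
        if answer[0] != "covered":
            continue
        _, salt, owner, nxt = answer
        if salt != current_salt:
            learned, current_salt = set(), salt
        learned.update((owner, nxt))
    return learned & zone.owner_hashes


def leak_summary(n_names=12, queries=5000):
    """Real NSEC3 owner hashes learned per configuration after `queries` probes."""
    names = ["host%d.example." % i for i in range(n_names)]
    precomputed = Nsec3Zone(names, b"fixed-salt")
    lies = Nsec3Zone(names, b"fixed-salt", white_lies=True)
    # Re-salt every 4 queries: far fewer than the 12 records in the chain.
    resalted = Nsec3Zone(names, b"fixed-salt", resalt_every=4)
    return {
        "precomputed": len(enumeration_attempt(precomputed, queries)),
        "white_lies": len(enumeration_attempt(lies, queries)),
        "resalted": len(enumeration_attempt(resalted, queries)),
    }


if __name__ == "__main__":
    print(leak_summary())
```

In this model every covering answer from a pre-computed chain hands out two real owner hashes (the record's owner and its Next Hashed Owner Name), and a real NXDOMAIN answer carries up to three NSEC3 records, so the query budget a walker needs is even smaller than one query per record. The white-lie zone leaks nothing that maps to a real name, and the re-salted zone only ever exposes the few records collected since the last salt change, which is exactly the interval condition stated in the message above.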
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
