> On 22 Oct 2021, at 4:48 am, Vladimír Čunát <vladimir.cunat+i...@nic.cz> wrote:
> 
> An example micro-benchmark doing just the NSEC3 hashing shows that even a quite
> long 32B salt has little effect but 255B adds a noticeable multiplicative
> factor.  Therefore I'd suggest that NSEC3 records with salt > 32B may be 
> ignored or something similar; I don't expect they really exist in practice 
> and we still shave some factor from attacks.  That's all assuming we can't 
> afford pushing the validator limits very close to zero iterations.

The observed salt lengths from my NSEC3 scan were as below, so there's a large cluster
of ~291k zones with 40 byte salts.  It looks like the recent burst of signing
by hostpoint.ch used that salt length.  We could suggest they reconsider that
choice.

The small cluster of 125 zones with 64 byte salts looks dominated by
(but not exclusive to) kilobajt.sk.

The 3 outliers at 255 were: matejgroma.com, saren.sa and saren.org.sa.

0 167477
1 2010575
2 237576
3 15971
4 965075
5 1164236
6 11130
7 1224
8 7465501
9 909
10 1821
11 928
12 17848
13 884
14 982
15 158
16 87950
17 25
18 59
19 136
20 7221
21 216
22 193
23 220
24 9192
25 125
26 123
27 96
28 51
29 44
30 38
31 33
32 584
33 11
34 10
35 5
36 3
37 1
39 1
40 291294
44 1
64 125
120 1
128 1
255 3

-- 
        Viktor.
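
An added example, not part of the original message and not the micro-benchmark it mentions: NSEC3 hashing as defined in RFC 5155 (SHA-1), with a count of SHA-1 compression calls per extra iteration for the salt lengths discussed above. The function names and the 150-iteration timing run are this example's own, and treating the compression-call count as the cost driver is an assumption.

```python
import base64
import hashlib
import timeit

# Map the standard base32 alphabet to the "extended hex" one used by NSEC3.
_B32HEX = bytes.maketrans(b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                          b"0123456789ABCDEFGHIJKLMNOPQRSTUV")

def wire_name(name: str) -> bytes:
    """Canonical (lowercased) DNS wire format of an owner name."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            raw = label.encode("ascii")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"

def nsec3_hash(name: str, salt: bytes, iterations: int) -> str:
    """RFC 5155: H(name || salt), then `iterations` rounds of H(digest || salt)."""
    digest = hashlib.sha1(wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return base64.b32encode(digest).translate(_B32HEX).decode().lower()

def sha1_blocks(msg_len: int) -> int:
    """SHA-1 compression calls: message + 1 pad byte + 8 length bytes, 64B blocks."""
    return (msg_len + 9 + 63) // 64

def blocks_per_iteration(salt_len: int) -> int:
    """Each extra iteration hashes a 20-byte digest followed by the salt."""
    return sha1_blocks(20 + salt_len)

if __name__ == "__main__":
    # Salt lengths taken from the thread; salt bytes and iteration count are constructed.
    for n in (0, 32, 40, 64, 255):
        t = timeit.timeit(lambda: nsec3_hash("example", bytes(n), 150), number=2000)
        print(f"salt={n:3d}B  blocks/iter={blocks_per_iteration(n)}  time={t:.3f}s")
```

Under this model a salt of up to 35 bytes keeps every extra iteration inside one SHA-1 block, 36 to 99 bytes needs two, and 255 bytes needs five.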
