On Mon, Feb 28, 2022 at 03:43:59PM +0100, Petr Špaček wrote:

> Keep this:
>
>>> 3.2. Recommendation for validating resolvers
>>> Note that a validating resolver MUST still validate the signature
>>> over the NSEC3 record to ensure the iteration count was not altered
>>> since record publication (see [RFC5155] section 10.3).
>
> And here add this as continuation of the previous sentence?
>
> ... because the invalid signature might have additional implications.
> E.g. EDE code, or insecure validation status if an implementation chose
> to treat a certain range of NSEC3 iteration values as DNSSEC-insecure etc.
>
> (modulo grammar fixes etc., of course)
>
> I think this makes the reason clear to everyone and also makes it
> somewhat legal to ignore signature validation IF the "visible outcome"
> does not change by doing so.
>
> What do you think?
I don't understand this comment; the reason for the signature check is
that otherwise we get trivial downgrade attacks. NSEC3 replies from a
signed zone with an invalid signature MUST be treated as "bogus".

What did you have in mind? What does "visible outcome" mean?

-- 
    Viktor.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
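The ordering Viktor is insisting on, shown as a small added model that is not code from this thread or from any resolver: the RRSIG over the NSEC3 RR is checked first, and only a record that verifies is handed to an iteration-count policy that may downgrade it to "insecure". The zone key, the threshold of 150 iterations, the field serialisation and the use of HMAC-SHA256 as a stand-in for a real DNSSEC signature algorithm are all constructed for this example; the point is the decision order, which is what prevents an altered iteration count from turning a "bogus" answer into an "insecure" one.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, replace
from typing import Tuple

# Hypothetical policy for this toy validator: an NSEC3 RR whose iteration
# count exceeds this is treated as DNSSEC-insecure rather than bogus (the
# option Petr mentions). The number is constructed, not taken from the thread.
MAX_ACCEPTED_ITERATIONS = 150


@dataclass(frozen=True)
class Nsec3:
    owner: str               # hashed owner name, e.g. "<base32>.example."
    hash_alg: int            # 1 = SHA-1 (RFC 5155)
    flags: int
    iterations: int
    salt: bytes
    next_hashed: bytes
    types: Tuple[str, ...]   # type bitmap, kept symbolic here

    def signed_data(self) -> bytes:
        """Serialise every field the RRSIG covers, so that changing the
        iteration count (or any other field) breaks the signature."""
        return b"".join([
            self.owner.lower().encode(),
            struct.pack("!BBH", self.hash_alg, self.flags, self.iterations),
            struct.pack("!B", len(self.salt)) + self.salt,
            struct.pack("!B", len(self.next_hashed)) + self.next_hashed,
            b",".join(t.encode() for t in self.types),
        ])


def sign_nsec3(zone_key: bytes, rr: Nsec3) -> bytes:
    """Stand-in for the zone signer producing an RRSIG (HMAC-SHA256, not a
    real DNSSEC algorithm; the assumption is only that tampering is detected)."""
    return hmac.new(zone_key, rr.signed_data(), hashlib.sha256).digest()


def rrsig_valid(zone_key: bytes, rr: Nsec3, rrsig: bytes) -> bool:
    """Stand-in for RRSIG verification against the zone's validated DNSKEY."""
    expected = hmac.new(zone_key, rr.signed_data(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, rrsig)


def validate_nsec3(zone_key: bytes, rr: Nsec3, rrsig: bytes,
                   max_iterations: int = MAX_ACCEPTED_ITERATIONS) -> str:
    """Validation status of an NSEC3 RR from a signed zone.

    The signature is checked before the iteration-count policy, so a record
    whose count was altered in transit is 'bogus', never 'insecure'. Only a
    genuinely signed record with an excessive count is downgraded.
    """
    if not rrsig_valid(zone_key, rr, rrsig):
        return "bogus"
    if rr.iterations > max_iterations:
        return "insecure"
    return "secure"


def demo() -> Tuple[str, str, str]:
    """Three constructed cases: a normal record, a genuinely over-the-limit
    record, and a record whose iteration count was changed after signing."""
    zone_key = b"constructed-zone-key-for-the-example"
    base = Nsec3(owner="abc123.example.", hash_alg=1, flags=0, iterations=10,
                 salt=b"\xaa\xbb", next_hashed=b"\x01" * 20, types=("A", "RRSIG"))

    normal = validate_nsec3(zone_key, base, sign_nsec3(zone_key, base))

    heavy = replace(base, iterations=500)
    heavy_signed = validate_nsec3(zone_key, heavy, sign_nsec3(zone_key, heavy))

    # Iteration count altered after publication, original RRSIG left in place.
    tampered = validate_nsec3(zone_key, heavy, sign_nsec3(zone_key, base))

    return normal, heavy_signed, tampered


if __name__ == "__main__":
    print(demo())  # ('secure', 'insecure', 'bogus')
```

Swapping the two checks in `validate_nsec3` is exactly the shortcut the thread debates: the tampered record would then be classified by its (forged) iteration count and come out "insecure", so the visible outcome does change, and the signature check cannot be skipped.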