> On 25 Mar 2022, at 03:50, Ulrich Wisser wrote:
>
> Hi Mark,
>
> Sorry for the late answer, IETF and some other stuff keep me busy.
>
>
> Let’s start with this
>
> We did not and do not propose to remove anything from RFC 4035. Currently we
> are asking for RFC 6840 to be amended
>
>
On Thu, Mar 24, 2022 at 9:53 AM Ulrich Wisser wrote:
Hi Mark,
Sorry for the late answer, IETF and some other stuff keep me busy.
Let’s start with this
We did not and do not propose to remove anything from RFC 4035. Currently we
are asking for RFC 6840 to be amended
RFC 6840 Section 5.11
This requirement applies to servers, not validators.
Also the whole point of mandatory to implement (which includes business
practices) is to prevent cases like this.
If a business wants to lie to its customers about supporting DNSSEC it should
be taken to court, preferably by
bodies like the ACCC.
As for migration between providers, provided
If we assume the existing install base of resolvers isn't going away, then
I don't see how we could relax the requirement. There are already deployed
resolvers enforcing it. You would need a "flag day" to deprecate them,
which could not happen for many years.
This seems a lot harder than just
Hi Ben,
The proposal is not to remove the possibility of double signatures, but to
relax the requirement so that other use cases become possible.
Our use case is the transition from one DNS provider to another without going
insecure. If both use the same algorithm you can use the multi-signer
On the other hand, do you know any zones that permanently (other than
active roll-over) sign with two algorithms in parallel? AFAIK this is
_not_ the usual way new algorithms are being rolled out. I guess new
algorithms would continue to be adopted in the same way: first wide
enough
Hi Libor,
You are absolutely right. The problem is not easily solved.
We will need a way to signal when this is ok and when not.
My own security assessment goes like this:
If the domain is in transition from one signer to another and a resolver only
supports one of the algorithms, the
I'm concerned about this. Concretely, this seems like it would raise a
major barrier to rolling out new algorithms. For example, any zone that
offers ECDSA and RSA signatures would be insecure for any RSA-only
resolvers. It's hard to see how new algorithms could be adopted at scale
if this rule