| < draft-ietf-dnsext-dnssec-algo-signal-06.txt | draft-ietf-dnsext-dnssec-algo-signal-07.txt > | |||
|---|---|---|---|---|
| DNS Extensions Working Group S. Crocker | DNS Extensions Working Group S. Crocker | |||
| Internet-Draft Shinkuro Inc. | Internet-Draft Shinkuro Inc. | |||
| Intended status: Standards Track S. Rose | Intended status: Standards Track S. Rose | |||
| Expires: November 2, 2012 NIST | Expires: December 16, 2012 NIST | |||
| May 1, 2012 | June 14, 2012 | |||
| Signaling Cryptographic Algorithm Understanding in DNSSEC | Signaling Cryptographic Algorithm Understanding in DNSSEC | |||
| draft-ietf-dnsext-dnssec-algo-signal-06 | draft-ietf-dnsext-dnssec-algo-signal-07 | |||
| Abstract | Abstract | |||
| The DNS Security Extensions (DNSSEC) were developed to provide origin | The DNS Security Extensions (DNSSEC) were developed to provide origin | |||
| authentication and integrity protection for DNS data by using digital | authentication and integrity protection for DNS data by using digital | |||
| signatures. These digital signatures can be generated using | signatures. These digital signatures can be generated using | |||
| different algorithms. This draft sets out to specify a way for | different algorithms. This draft sets out to specify a way for | |||
| validating end-system resolvers to signal to a server which | validating end-system resolvers to signal to a server which digital | |||
| cryptographic algorithms and hash algorithms they support. | signature and hash algorithms they support. | |||
| Requirements Language | Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | "OPTIONAL" in this document are to be interpreted as described in RFC | |||
| 2119 [RFC2119]. | ||||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on November 2, 2012. | This Internet-Draft will expire on December 16, 2012. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 11 ¶ | skipping to change at page 3, line 11 ¶ | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 | |||
| 9. Normative References . . . . . . . . . . . . . . . . . . . . . 7 | 9. Normative References . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 1. Introduction | 1. Introduction | |||
| The DNS Security Extensions (DNSSEC) [RFC4033], [RFC4034] and | The DNS Security Extensions (DNSSEC) [RFC4033], [RFC4034] and | |||
| [RFC4035] were developed to provide origin authentication and | [RFC4035] were developed to provide origin authentication and | |||
| integrity protection for DNS data by using digital signatures. Each | integrity protection for DNS data by using digital signatures. Each | |||
| digital signature RR (RRSIG) contains an algorithm code number. | digital signature RR (RRSIG) contains an algorithm code number. | |||
| These algorithm codes tells validators which cryptographic algorithm | These algorithm codes tell validators which cryptographic algorithm | |||
| was used to generate the digital signature. | was used to generate the digital signature. | |||
| Likewise, Delegation Signer (DS) RR's and NSEC3 RR's use a hashed | Likewise, Delegation Signer (DS) RRs and NSEC3 RRs use a hashed value | |||
| value as part of their RDATA and, like digital signature algorithms, | as part of their RDATA and, like digital signature algorithms, these | |||
| these hash algorithms have code numbers. All three algorithm codes | hash algorithms have code numbers. All three algorithm codes (RRSIG/ | |||
| (RRSIG/DNSKEY, DS and NSEC3) are maintained in unique IANA | DNSKEY, DS and NSEC3) are maintained in unique IANA registries. | |||
| registries. | ||||
| This draft sets out to specify a way for validating end-system | This draft sets out to specify a way for validating end-system | |||
| resolvers to tell a server in a DNS query which digital signature | resolvers to tell a server in a DNS query which digital signature | |||
| and/or hash algorithms they support. This is done using the new EDNS | and/or hash algorithms they support. This is done using the new EDNS | |||
| options specified below in Section 2 for use in the OPT meta-RR | options specified below in Section 2 for use in the OPT meta-RR | |||
| [I-D.ietf-dnsext-rfc2671bis-edns0]. | [I-D.ietf-dnsext-rfc2671bis-edns0]. | |||
| These proposed EDNS options serve to measure the acceptance and use | These proposed EDNS options serve to measure the acceptance and use | |||
| of new digital signing algorithms. These signaling options can be | of new digital signing algorithms. These signaling options can be | |||
| used by zone administrators as a gauge to measure the successful | used by zone administrators as a gauge to measure the successful | |||
| deployment of code that implements a newly deployed digital signature | deployment of code that implements newly deployed digital signature | |||
| algorithm, DS hash and NSEC3 hash algorithm used with DNSSEC. A zone | algorithm, DS hash and NSEC3 hash algorithm used with DNSSEC. A zone | |||
| administrator may be able to determine when to stop signing with a | administrator is able to determine when to stop signing with a | |||
| superseded algorithm when the server sees that a significant number | superseded algorithm when the server sees that a significant number | |||
| of its clients signal that they are able to accept the new algorithm. | of its clients signal that they are able to accept the new algorithm. | |||
| Note that this survey may be conducted over the period of years | Note that this survey may be conducted over the period of years | |||
| before a tipping point is seen. | before a tipping point is seen. | |||
| This draft does not seek to introduce another process for including | This draft does not seek to introduce another process for including | |||
| new algorithms for use with DNSSEC. It also does not address the | new algorithms for use with DNSSEC. It also does not address the | |||
| question of which algorithms are to be included in any official list | question of which algorithms are to be included in any official list | |||
| of mandatory or recommended cryptographic algorithms for use with | of mandatory or recommended cryptographic algorithms for use with | |||
| DNSSEC. Rather, this document specifies a means by which a client | DNSSEC. Rather, this document specifies a means by which a client | |||
| query can signal a set of algorithms and hashes it implements. | query can signal the set of algorithms and hashes which it | |||
| implements. | ||||
| 2. Signaling DNSSEC Algorithm Understood (DAU), DS Hash Understood | 2. Signaling DNSSEC Algorithm Understood (DAU), DS Hash Understood | |||
| (DHU) and NSEC3 Hash Understood (N3U) Using EDNS | (DHU) and NSEC3 Hash Understood (N3U) Using EDNS | |||
| The ENDS0 specification outlined in | The EDNS0 specification outlined in | |||
| [I-D.ietf-dnsext-rfc2671bis-edns0] defines a way to include new | [I-D.ietf-dnsext-rfc2671bis-edns0] defines a way to include new | |||
| options using a standardized mechanism. These options are contained | options using a standardized mechanism. These options are contained | |||
| in the RDATA of the OPT meta-RR. This document defines three new | in the RDATA of the OPT meta-RR. This document defines three new | |||
| EDNS options for a client to signal which digital signature and/or | EDNS options for a client to signal which digital signature and/or | |||
| hash algorithms the client supports. These options can be used | hash algorithms the client supports. These options can be used | |||
| independently of each other and MAY appear in any order in the OPT | independently of each other and MAY appear in any order in the OPT | |||
| RR. | RR. | |||
| The figure below shows how each option is defined in the RDATA of the | The figure below shows how each option is defined in the RDATA of the | |||
| OPT RR specified in [I-D.ietf-dnsext-rfc2671bis-edns0]: | OPT RR specified in [I-D.ietf-dnsext-rfc2671bis-edns0]: | |||
| skipping to change at page 4, line 37 ¶ | skipping to change at page 4, line 37 ¶ | |||
| o NSEC3 Hash Understood (N3U) option for NSEC3 hash algorithms. Its | o NSEC3 Hash Understood (N3U) option for NSEC3 hash algorithms. Its | |||
| value is fixed at TBD3. | value is fixed at TBD3. | |||
| LIST-LENGTH is the length of the list of digital signature or hash | LIST-LENGTH is the length of the list of digital signature or hash | |||
| algorithm codes in octets. Each algorithm code occupies a single | algorithm codes in octets. Each algorithm code occupies a single | |||
| octet. | octet. | |||
| ALG-CODE is the list of assigned values of DNSSEC zone signing | ALG-CODE is the list of assigned values of DNSSEC zone signing | |||
| algorithms, DS hash algorithms, or NSEC3 hash algorithms (depending | algorithms, DS hash algorithms, or NSEC3 hash algorithms (depending | |||
| on the OPTION-CODE in use) that the client declares to be supported. | on the OPTION-CODE in use) that the client declares to be supported. | |||
| The values SHOULD be in descending order of preference, with the most | The values are listed in descending order of preference, with the | |||
| preferred algorithm first. For example, if a validating client | most preferred algorithm first. For example, if a validating client | |||
| signals the DAU option and RSA/SHA-1, RSA/SHA-256 and prefers the | signals the DAU option and RSA/SHA-1, RSA/SHA-256 and prefers the | |||
| latter, the values of ALG-CODE would be: 8 (RSA/SHA-256), 5 (RSA/ | latter, the values of ALG-CODE would be: 8 (RSA/SHA-256), 5 (RSA/ | |||
| SHA-1). | SHA-1). | |||
| If all three options are included in the OPT RR, there is a potential | If all three options are included in the OPT RR, there is a potential | |||
| for the OPT RR to take up considerable size in the DNS message. | for the OPT RR to take up considerable size in the DNS message. | |||
| However, in practical terms, including all three options is likely to | However, in practical terms, including all three options is likely to | |||
| take up 22-34 octets (average of 6-10 digital signature algorithms, | take up 22-32 octets (average of 6-10 digital signature algorithms, | |||
| 3-5 DS hash algorithms and 1-5 NSEC3 hash algorithms) including the | 3-5 DS hash algorithms and 1-5 NSEC3 hash algorithms) including the | |||
| EDNS option codes and option lengths in a reasonable potential future | EDNS option codes and option lengths in a potential future example. | |||
| example. | ||||
| 3. Client Considerations | 3. Client Considerations | |||
| A validating end-system resolver sets the DAU, DHU and/or N3U option, | A validating end-system resolver sets the DAU, DHU and/or N3U option, | |||
| or combination thereof in the OPT meta-RR when sending a query. The | or combination thereof in the OPT meta-RR when sending a query. The | |||
| validating end-system resolver sets the value(s) in the order of | validating end-system resolver sets the value(s) in the order of | |||
| preference, with the most preferred algorithm(s) first as described | preference, with the most preferred algorithm(s) first as described | |||
| in section 2. The end-system resolver SHOULD also set the DNSSEC-OK | in section 2. The validating end-system resolver MUST also set the | |||
| bit [RFC4035] to indicate that it wishes to receive DNSSEC RRs in the | DNSSEC-OK bit [RFC4035] to indicate that it wishes to receive DNSSEC | |||
| response. | RRs in the response. | |||
| Note that the PRIVATEDNS (253) and/or the PRIVATEOID (254) digital | Note that the PRIVATEDNS (253) and/or the PRIVATEOID (254) digital | |||
| signature codes both cover a potentially wide range of algorithms and | signature codes both cover a potentially wide range of algorithms and | |||
| are likely not useful to a server. There is no compelling reason for | are likely not useful to a server. There is no compelling reason for | |||
| a client to include these codes in its list of the DAU. Likewise, | a client to include these codes in its list of the DAU. Likewise, | |||
| clients MUST NOT include RESERVED codes in any of the options. | clients MUST NOT include RESERVED codes in any of the options. | |||
| 3.1. Stub Resolvers | 3.1. Stub Resolvers | |||
| Typically, stub resolvers rely on an upstream recursive server (or | Typically, stub resolvers rely on an upstream recursive server (or | |||
| cache) to provide a response. So optimal setting of the DAU, DSU and | cache) to provide a response. So optimal setting of the DAU, DSU and | |||
| N3U options depends on whether the stub resolver elects to perform | N3U options depends on whether the stub resolver elects to perform | |||
| its own validation. | its own validation. | |||
| 3.1.1. Validating Stub Resolvers | 3.1.1. Validating Stub Resolvers | |||
| A validating stub resolver already (usually) sets the DO bit | A validating stub resolver already (usually) sets the DO bit | |||
| [RFC4035] to indicate that it wishes to receive additional DNSSEC RRs | [RFC4035] to indicate that it wishes to receive additional DNSSEC RRs | |||
| (i.e. RRSIG RR's) in the response. Such validating resolvers SHOULD | (i.e. RRSIG RRs) in the response. Such validating resolvers SHOULD | |||
| include the DAU, DHU and/or the N3U option(s) in the OPT RR when | include the DAU, DHU and/or the N3U option(s) in the OPT RR when | |||
| sending a query. This way the validating stub resolver indicates | sending a query. The way the validating stub resolver indicates | |||
| which cryptographic algorithm(s) it supports by setting the values in | which cryptographic algorithm(s) it supports by setting the values in | |||
| the order of preference, with the most preferred algorithm first as | the order of preference, with the most preferred algorithm first as | |||
| described in Section 2. | described in Section 2. | |||
| 3.1.2. Non-Validating Stub Resolvers | 3.1.2. Non-Validating Stub Resolvers | |||
| The DAU, DHU and N3U EDNS options are NOT RECOMMENDED for non- | The DAU, DHU and N3U EDNS options are NOT RECOMMENDED for non- | |||
| validating stub resolvers. | validating stub resolvers. | |||
| 3.2. Recursive Resolvers | 3.2. Recursive Resolvers | |||
| 3.2.1. Validating Recursive Resolvers | 3.2.1. Validating Recursive Resolvers | |||
| A validating recursive resolver sets the DAU, DHU and/or N3U | A validating recursive resolver sets the DAU, DHU and/or N3U | |||
| option(s) when performing recursion based on the DO and CD flags in | option(s) when performing recursion based on the DO and CD flags in | |||
| the client request [RFC4035]. If the client of the recursive | the client request [RFC4035]. If the client of the recursive | |||
| resolver did not include the DO bit in the query the recursive | resolver did not include the DO bit in the query the recursive | |||
| resolver SHOULD include the option(s) according to its own local | resolver MAY include the option(s) according to its own local policy. | |||
| policy. | ||||
| If the client did include the DO and CD bits, but did not include the | If the client did include the DO and CD bits, but did not include the | |||
| DAU, DHU and/or N3U option(s) in the query, the validating recursive | DAU, DHU and/or N3U option(s) in the query, the validating recursive | |||
| resolver SHOULD NOT include the option(s) to avoid conflicts. | resolver MUST NOT include the option(s) to avoid conflicts. | |||
| If the client did set the DO bit and the option(s) in the query, the | If the client did set the DO bit and the option(s) in the query, the | |||
| validating recursive resolver SHOULD include the option(s) based on | validating recursive resolver MUST include the option(s) based on the | |||
| the setting of the CD bit. If the CD bit is set, the validating | setting of the CD bit. If the CD bit is set, the validating | |||
| recursive resolver SHOULD include the option(s) based on the client | recursive resolver MUST include the option(s) based on the client | |||
| query or a superset of the client option(s) list and the validator's | query or a superset of the client option(s) list and the validator's | |||
| own list (if different). If the CD bit is not set, the validating | own list (if different). If the CD bit is not set, the validating | |||
| recursive resolver MAY copy the client option(s) or substitute its | recursive resolver MAY copy the client option(s) or substitute its | |||
| own option list. | own option list. | |||
| 3.2.2. Non-validating Recursive Resolvers | 3.2.2. Non-validating Recursive Resolvers | |||
| Recursive resolvers that do not do validation SHOULD copy the DAU, | Recursive resolvers that do not do validation MUST copy the DAU, DHU | |||
| DHU and/or N3U option(s) seen in received queries as they represent | and/or N3U option(s) seen in received queries as they represent the | |||
| the wishes of the validating downstream resolver that issued the | wishes of the validating downstream resolver that issued the original | |||
| original query. | query. | |||
| 4. Intermediate System Considerations | 4. Intermediate System Considerations | |||
| Intermediate proxies [RFC5625] that understand DNS SHOULD behave like | Intermediate proxies [RFC5625] that understand DNS are RECOMMENDED to | |||
| a comparable recursive resolver when dealing with the DAU, DHU and | behave like a comparable recursive resolver when dealing with the | |||
| N3U options. | DAU, DHU and N3U options. | |||
| 5. Server Considerations | 5. Server Considerations | |||
| When an authoritative server sees the DAU, DHU and/or N3U option(s) | When an authoritative server sees the DAU, DHU and/or N3U option(s) | |||
| in the OPT meta-RR in a request the normal algorithm for servicing | in the OPT meta-RR in a request the normal algorithm for servicing | |||
| requests is followed. The options MUST NOT trigger any special | requests is followed. The options MUST NOT trigger any special | |||
| processing (e.g. RRSIG filtering in responses) on the server side. | processing (e.g. RRSIG filtering in responses) on the server side. | |||
| If the options are present but the DNSSEC-OK (OK) bit is not set, the | If the options are present but the DNSSEC-OK (OK) bit is not set, the | |||
| server does not do any DNSSEC processing, including any recording of | server does not do any DNSSEC processing, including any recording of | |||
| skipping to change at page 7, line 33 ¶ | skipping to change at page 7, line 32 ¶ | |||
| The algorithm codes used to identify DNSSEC algorithms, DS RR hash | The algorithm codes used to identify DNSSEC algorithms, DS RR hash | |||
| algorithms and NSEC3 hash algorithms have already been established by | algorithms and NSEC3 hash algorithms have already been established by | |||
| IANA. This document does not seek to alter that registry in any way. | IANA. This document does not seek to alter that registry in any way. | |||
| This draft seeks to update the "DNS EDNS Options" registry by adding | This draft seeks to update the "DNS EDNS Options" registry by adding | |||
| the DAU, DHU and N3U options and referencing this document. The code | the DAU, DHU and N3U options and referencing this document. The code | |||
| for these options are TBD1, TBD2 and TBD3 respectively. | for these options are TBD1, TBD2 and TBD3 respectively. | |||
| 8. Security Considerations | 8. Security Considerations | |||
| This document specifies a way for a client to signal its | This document specifies a way for a client to signal its digital | |||
| cryptographic and hash algorithm knowledge to a cache or server. It | signature and hash algorithm knowledge to a cache or server. It is | |||
| is not meant to be a discussion on algorithm superiority. The | not meant to be a discussion on algorithm superiority. The signals | |||
| signals are optional codes contained in the OPT meta-RR used with | are optional codes contained in the OPT meta-RR used with EDNS. The | |||
| EDNS. The goal of these options are to signal new algorithm uptake | goal of these options are to signal new algorithm uptake in client | |||
| in client code to allow zone administrators to know when it is | code to allow zone administrators to know when it is possible to | |||
| possible to complete an algorithm rollover in a DNSSEC signed zone. | complete an algorithm rollover in a DNSSEC signed zone. | |||
| 9. Normative References | 9. Normative References | |||
| [I-D.ietf-dnsext-rfc2671bis-edns0] Damas, J., Graff, M., and P. | [I-D.ietf-dnsext-rfc2671bis-edns0] Damas, J., Graff, M., and P. | |||
| Vixie, "Extension Mechanisms for | Vixie, "Extension Mechanisms for | |||
| DNS (EDNS0)", draft-ietf-dnsext- | DNS (EDNS0)", draft-ietf-dnsext- | |||
| rfc2671bis-edns0-08 (work in | rfc2671bis-edns0-08 (work in | |||
| progress), February 2012. | progress), February 2012. | |||
| [RFC2119] Bradner, S., "Key words for use | [RFC2119] Bradner, S., "Key words for use | |||
| End of changes. 23 change blocks. | ||||
| 48 lines changed or deleted | 47 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||