Re: DJB about NSEC3
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
On Sep 2, 2008, at 11:42 AM, bert hubert wrote:
> On Tue, Sep 02, 2008 at 09:50:15AM +0100, Roy Arends wrote:[color=green]
>> I'd like to have more information how the "NSEC3" variant of DNSSEC
>> almost always breakable? I'd like to know how to interpret "almost
> I think it has been established that NSEC(3) allows the creation of
> non-existent names within secured zones, if I followed things
> So even if importantbank.com is signed, I can try to spoof in
> NS records for secure.importantbank.com, using a purloined NSEC(3)
> record that
> covers secure.importantbank.com. The secure.importantbank.com zone
> is then
> unsigned, and contains the data of my choice.
> As long as secure.importantbank.com does not exist already of course.
> As a precautionary measure, importantbank.com might want to have dummy
> records for everything that 'looks' official.[/color]
How would that work provided that:
- .com deploys NSEC3 with opt-out
- There is a secure delegation from .com to importantbank.com
- And importantbank.com does not deploy OPT-OUT but contains a full
On the latter assumption please note that the OPT-OUT bit is only
supposed to be set over name-spans that only contain delegations and
has been designed specifically 'delegation-centric' zones such as
TLDs. If importantbank.com would be using opt-out they could be
subject to the attack you describe but they would be shooting
themselves in the feet.
I would think that the warnings in 5011 are big enough: opt-out is
under adult supervision only (TLDs are often parents... pun intended)
content-type: application/pgp-signature; x-mac-type=70674453;
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: This message is locally signed.
-----END PGP SIGNATURE-----
to unsubscribe send a message to [email]email@example.com[/email] with
the word 'unsubscribe' in a single line as the message text body.