>
> > On Tue, Sep 02, 2008 at 09:50:15AM +0100, Roy Arends wrote:
> > > I'd like to have more information how the "NSEC3" variant of DNSSEC is
> > > almost always breakable? I'd like to know how to interpret "almost always

>
> > > breakable".

> >
> > I think it has been established that NSEC(3) allows the creation of
> > non-existent names within secured zones, if I followed things directly.
> >
> > So even if importantbank.com is signed, I can try to spoof in
> > NS records for secure.importantbank.com, using a purloined NSEC(3) record t

> ha
> > t
> > covers secure.importantbank.com. The secure.importantbank.com zone is then
> > unsigned, and contains the data of my choice.
> >
> > As long as secure.importantbank.com does not exist already of course.
> >
> > As a precautionary measure, importantbank.com might want to have dummy
> > records for everything that 'looks' official.
> >
> > Bert

>
> Assuming the optout is not in use.
>
> You can't bring a secure delegation into existance under a
> NSEC3 zone and have the subzone validate. NSEC3 is as
> strong as NSEC for this case.
>
> You can bring a insecure delegation into existance iff there
> is another insecure delegation and the hash of the name
> your are trying to bring into existance matches the hash
> of a existing insecure delegation.
>
> Given the it's a sha1 hash that's n in 2^160 for the hash
> of any abitrary name matching one a existing nsec3 hash where
> n is the number of insecure delegations.
>
> For all practical purposes this is impossible.
>
> Mark


All importantbank.com has to do is not have insecure delegations.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: