[prev in list] [next in list] [prev in thread] [next in thread]
List: namedroppers
Subject: RE: Suggested modifications to the TSIG draft
From: Stuart Kwan <skwan () MICROSOFT ! COM>
Date: 1998-09-30 22:45:13
[Download RAW message or body]
Olafur, were you planning on incorporating all of Brian's points? Or just a
select set? A few comments:
> - [4.7] Special Considerations for forwarding servers: Should be removed.
> If a server forwards a query, it should strip the incoming TSIG record,
> and generate a new one if it shares a key with the next server. This
> allows the message digest to include the request id instead of 0 (see
> above).
It may not be wise to select a new key, if someday these keys are used for
access control. Also, I take it that you would select a different message
ID for the forwarded update, per RFC 2136? Does anyone else have a comment
here?
> * Computing the digest becomes simpler if the signature length &
> signature fields are moved to the end of the record. Is there any reason
> why they are in the middle?
Jim Gilroy asked for this a while ago, but none of the authors responded.
Eventually we relented so the protocol would move forward. Such is life,
but are we going to change it again?
Cheers,
- Stuart
> -----Original Message-----
> From: Olafur Gudmundsson [SMTP:ogud@TIS.COM]
> Sent: Tuesday, September 29, 1998 11:19 AM
> To: namedroppers@internic.net
> Subject: Re: Suggested modifications to the TSIG draft
>
> At 05:21 PM 9/23/98 -0400, Brian Wellington wrote:
> >I've been implementing the TSIG draft, both in BIND 8.1.2 and an
> >independent implementation of DNS (in Java). Based on this experience,
> >I've come across a number of issues that need resolution and/or
> >clarification.
> >
> >These ideas have arisen in discussions with Olafur Gudmundsson, Paul
> >Vixie, and Bob Halley. No guarantees that everyone agreed on all changes
> >presented below.
>
>
> Given that there have been no objections to the proposed changes
> I will go ahead and update the draft to reflect these changes,
> any objections ?
>
> Olafur
> >
> >Are there any existing implementations of TSIG, and if so, how have the
> >implementors dealt with these problems?
> >
> >Brian
> >
> >-----------
> >
> >- [1.7] Error codes: Having different errors for BADKEY and BADSIG leaks
> >security information (specifically, the name/algorithm of exisiting
> keys).
> >These should be combined into one error code, which could be called
> >BADAUTH.
> >
> >- [3.4.1] DNS Message. The request ID should be digested as present, not
> >as 0 (see below).
> >
> >- [4.3] Error returns:
> > * BADAUTH response: The response will be unsigned, as the problem lies
> > with the key used. The server cannot definitively determine another
> > key to sign the data with, so no key is used.
> >
> > * BADTIME response: The response is signed using the key that signed
> the
> > query. So that the client will not fail to verify the response with a
> > TIME error, the ``Time Signed'' field of the response is copied from
> the
> > query. In order for the client to determined the server's current
> time,
> > the server includes its time in the ``Other Data'' field as an unsigned
> > 48 bit value, and sets ``Other Len'' to 6.
> >
> >- [4.5] Server TSIG checks: BADAUTH checking (both valid key and valid
> >signature) MUST be performed before BADTIME checking, so that BADTIME is
> >only returned on a message with a valid signature.
> >
> >- [4.6.1] Key error handling. The scenario described (a valid signature
> >from a different key than the query used) should no longer occur, since
> >error messages are either unsigned (BADAUTH) or signed with the same key
> >(BADTIME). This mechanism could be used if the client/server shared
> >multiple keys and the server was requesting that the client use a
> >different key.
> >
> >- [4.7] Special Considerations for forwarding servers: Should be removed.
> >If a server forwards a query, it should strip the incoming TSIG record,
> >and generate a new one if it shares a key with the next server. This
> >allows the message digest to include the request id instead of 0 (see
> >above).
> >
> >Other comments, not essential:
> >
> >- [2.3] Record format:
> > * Why is the algorithm a domain name? It would be simpler to use an
> > IANA assigned constant for processing and name server configuration.
> >
> > * Computing the digest becomes simpler if the signature length &
> signature
> > fields are moved to the end of the record. Is there any reason why
> they
> > are in the middle?
> >
> >- [4.4] TSIG on TCP Connection: This could use clarification and/or
> >different word choice. The terms ``header'', ``DNS header'',
> >``envelope'', and ``message'' are all used and undefined. It looks like
> >``header'' and ``DNS header''are used when ``envelope'' should be, and
> >``header'' should be reserved for the 12 byte header at the beginning of
> >each envelope. I assume a ``message'' is a set of envelopes containing
> >exactly one TSIG, on the last envelope. So, each message digest contains
> >the previous digest (the TSIG signature), digests of each envelope, and
> >the TSIG Timers (calculated at the time of the TSIG signature). Is this
> >correct?
> >
> >
> ----------------------------------------------------
> Ólafur Guðmundsson (in ISO-8859-1) ogud@tis.com (work)
> Olafur Gudmundsson (in US ascii) ogud@acm.org (private)
> (301)-854-5700 Fax: x5363
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic