DNSSEC - NXT - authenticated non-existence questions

Danny Mayer mayer at gis.net
Tue Aug 3 13:19:57 UTC 2004


You should ask this question in namedroppers (namedroppers at ops.ietf.org)
since this is a DNSSEC question and not a BIND question and in any
case that's where the experts in this area hang out.

Be warned that most of them are at IETF in San Diego this week, so response
may be slow.

Danny

At 07:53 PM 8/2/2004, Reza Curtmola wrote:
>This question is about the design considerations for choosing the NXT
>record to provide authenticated non-existence, as part of the DNSSEC
>security extensions. There are several reasons why this was preferred
>versus just returning a signed negative answer. Some of these reasons
>include:
>
>1) too expensive to generate a public-key signature on the spot (also the
>signing key would have to be online)
>2) possibility of a replay attack: if an attacker asks for www.domain.com,
>and gets back a signed negative answer (that www.domain.com does not
>exist), then the attacker could later use this signed answer, as long as
>the signature hasn't expired yet, even if the name www.domain.com has been
>added meanwhile.
>
>I have two questions:
>
>1) Isn't it possible to use the same replay attack also when a NXT record
>is used? The attacker can return an older NXT record, with a corresponding
>SIG record which is still valid. This old NXT record might not reflect the
>new configuration, where www.domain.com had been added meanwhile.
>
>2) Are there any other reasons why the NXT record was chosen versus simply
>returning a signed negative answer?
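
As an added illustration of the replay concern raised in question 1 above (example code, not from the original thread or from any DNSSEC implementation; the zone names, SIG validity times and all helper names are constructed), this builds an NXT chain for a small zone before and after www.domain.com is added, and shows that a validator checking only span coverage plus the SIG validity window accepts the pre-change NXT span until its SIG expires, so the validity window is what bounds the replay, exactly as it would for a signed negative answer:

```python
from dataclasses import dataclass

def canonical_key(name):
    # DNSSEC canonical ordering: labels compared right to left, case-insensitively
    return tuple(reversed(name.lower().rstrip('.').split('.')))

@dataclass(frozen=True)
class NXT:
    owner: str          # name that owns this NXT record
    next_name: str      # next name in canonical order (last one wraps to the apex)
    sig_inception: int  # validity window of the SIG over this NXT (constructed epochs)
    sig_expiration: int

def nxt_covers(nxt, qname, apex):
    """True if qname falls in the gap between owner and next_name."""
    o, n, q = canonical_key(nxt.owner), canonical_key(nxt.next_name), canonical_key(qname)
    if n == canonical_key(apex):   # last span of the chain wraps around to the apex
        return o < q
    return o < q < n

def nxt_proves_nonexistence(nxt, qname, apex, now):
    """What a validator checks: the span covers qname and its SIG is still valid."""
    return nxt.sig_inception <= now <= nxt.sig_expiration and nxt_covers(nxt, qname, apex)

def build_nxt_chain(zone_names, apex, inception, expiration):
    """Sort the zone's names canonically and link each to its successor."""
    names = sorted(set(zone_names) | {apex}, key=canonical_key)
    return [NXT(names[i], names[(i + 1) % len(names)], inception, expiration)
            for i in range(len(names))]

def find_proof(chain, qname, apex, now):
    """Return the NXT that proves qname does not exist at time now, or None."""
    return next((n for n in chain if nxt_proves_nonexistence(n, qname, apex, now)), None)

# Constructed zone: the old chain was signed before www.domain.com existed,
# the new chain after it was added (both SIG windows are constructed values).
APEX = "domain.com"
OLD_CHAIN = build_nxt_chain(["ftp.domain.com", "mail.domain.com"],
                            APEX, 0, 1_000_000)
NEW_CHAIN = build_nxt_chain(["ftp.domain.com", "mail.domain.com", "www.domain.com"],
                            APEX, 500_000, 1_500_000)

if __name__ == "__main__":
    # Old span mail.domain.com -> domain.com still "covers" www.domain.com
    # while its SIG is unexpired; after expiry no proof is accepted.
    print(find_proof(OLD_CHAIN, "www.domain.com", APEX, 600_000))
    print(find_proof(OLD_CHAIN, "www.domain.com", APEX, 1_000_001))
    print(find_proof(NEW_CHAIN, "www.domain.com", APEX, 600_000))
```

Short SIG validity periods on NXT records shrink that window, which is the same trade-off the question notes for an on-the-spot signed negative answer.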
