DNSSEC - NXT - authenticated non-existence questions

Reza Curtmola crix at cs.jhu.edu
Mon Aug 2 23:53:19 UTC 2004


This question is about the design considerations for choosing the NXT
record to provide authenticated non-existence, as part of the DNSSEC
security extensions. There are several reasons why this was preferred
versus just returning a signed negative answer. Some of these reasons
include:

1) too expensive to generate a public-key signature on the spot (also the
signing key would have to be online)
2) possibility of a replay attack: if an attacker asks for www.domain.com,
and gets back a signed negative answer (that www.domain.com does not
exist), then the attacker could later use this signed answer, as long as
the signature hasn't expired yet, even if the name www.domain.com has been
added meanwhile.

I have two questions:

1) Isn't it possible to use the same replay attack also when a NXT record
is used? The attacker can return an older NXT record, with a corresponding
SIG record which is still valid. This old NXT record might not reflect the
new configuration, where www.domain.com had been added meanwhile.

2) Are there any other reasons why the NXT record was chosen versus simply
returning a signed negative answer?
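The following is an added worked example, not part of the original post or of BIND: it models the NXT mechanism the question is about, using a small constructed zone. A real SIG is a public-key signature over the NXT RRset; here an HMAC with inception/expiration times stands in for it (an assumption made so the example runs with the Python standard library). The zone names, key and timestamps are all constructed. It builds the NXT chain, verifies non-existence of a name by checking that the name falls between an NXT owner and its "next" field under canonical DNS ordering, and then shows the window raised in question 1: after www.example.com is added, the NXT record that used to cover it still verifies until its signature expires.

```python
import hashlib
import hmac
from typing import List, NamedTuple, Optional, Tuple


def canonical_key(name: str) -> Tuple[str, ...]:
    """Canonical DNS ordering: compare labels from the root downward, case-insensitively."""
    labels = name.lower().rstrip(".").split(".")
    return tuple(reversed(labels))


class NXT(NamedTuple):
    owner: str   # name that owns the NXT record
    next: str    # next name in canonical order (apex for the last record)


class SIG(NamedTuple):
    inception: int    # constructed: seconds, stands in for SIG inception time
    expiration: int   # constructed: seconds, stands in for SIG expiration time
    mac: bytes        # stand-in for the public-key signature (assumption: HMAC)


def build_nxt_chain(zone_names: List[str]) -> List[NXT]:
    """One NXT per name; the last name's NXT wraps around to the zone apex."""
    names = sorted(set(zone_names), key=canonical_key)
    return [NXT(owner, names[(i + 1) % len(names)]) for i, owner in enumerate(names)]


def _sig_data(rec: NXT, inception: int, expiration: int) -> bytes:
    return f"{rec.owner.lower()}|{rec.next.lower()}|{inception}|{expiration}".encode()


def sign_nxt(key: bytes, rec: NXT, inception: int, expiration: int) -> SIG:
    """Offline signing step: performed once when the zone is (re)signed, not per query."""
    mac = hmac.new(key, _sig_data(rec, inception, expiration), hashlib.sha256).digest()
    return SIG(inception, expiration, mac)


def sig_valid(key: bytes, rec: NXT, sig: SIG, now: int) -> bool:
    """A resolver accepts the SIG only inside its validity window and with a good MAC."""
    if not sig.inception <= now <= sig.expiration:
        return False
    expected = hmac.new(key, _sig_data(rec, sig.inception, sig.expiration), hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig.mac)


def nxt_covers(rec: NXT, qname: str) -> bool:
    """True if qname sorts strictly between owner and next (so it cannot exist in the zone)."""
    q, o, n = canonical_key(qname), canonical_key(rec.owner), canonical_key(rec.next)
    if o < n:
        return o < q < n
    # Wrap-around record: owner is the last name in the zone, next is the apex.
    return q > o or q < n


def find_covering(chain: List[NXT], qname: str) -> Optional[NXT]:
    """What the authoritative server returns for a non-existent name."""
    for rec in chain:
        if nxt_covers(rec, qname):
            return rec
    return None


def verify_nonexistence(key: bytes, rec: NXT, sig: SIG, qname: str, now: int) -> bool:
    """Resolver-side check: SIG still valid and the NXT actually covers the queried name."""
    return sig_valid(key, rec, sig, now) and nxt_covers(rec, qname)


# Constructed sample zone, signing key and times (not real data).
KEY = b"constructed-zone-signing-key"
ZONE_BEFORE = ["example.com", "mail.example.com", "ns1.example.com"]
ZONE_AFTER = ZONE_BEFORE + ["www.example.com"]
INCEPTION, EXPIRATION = 1000, 2000


def replay_window_demo(now: int) -> Tuple[bool, bool]:
    """Returns (old NXT still verifies for www, www now exists in the re-signed zone)."""
    old_chain = build_nxt_chain(ZONE_BEFORE)
    old_rec = find_covering(old_chain, "www.example.com")
    old_sig = sign_nxt(KEY, old_rec, INCEPTION, EXPIRATION)
    # Zone operator adds www.example.com and re-signs; the new chain no longer covers it.
    new_chain = build_nxt_chain(ZONE_AFTER)
    www_exists_now = find_covering(new_chain, "www.example.com") is None
    # An attacker replays the captured old NXT+SIG; it validates until EXPIRATION.
    replay_accepted = verify_nonexistence(KEY, old_rec, old_sig, "www.example.com", now)
    return replay_accepted, www_exists_now


if __name__ == "__main__":
    print("chain before:", build_nxt_chain(ZONE_BEFORE))
    print("replay accepted at t=1500:", replay_window_demo(1500))
    print("replay accepted at t=2001:", replay_window_demo(2001))
```

The two results of `replay_window_demo` make the point of question 1 concrete: within the SIG validity window the stale NXT record is accepted as proof that www.example.com does not exist even though the zone now contains it; only once the SIG expires (or the resolver's cached copy ages out) does the replay stop working, so the signature lifetime bounds the window rather than eliminating it.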


