BIND 9.18.6 disables RSASHA1 at runtime?

Petr Menšík pemensik at redhat.com
Mon Sep 5 07:56:11 UTC 2022


On 9/2/22 14:23, Bjørn Mork wrote:
> Mark Andrews <marka at isc.org> writes:
>
>> We don’t log rsamd5 is disabled now ec or ed curves when they are not
>> supported by the crypto provider. Why should rsasha1 based algs be
>> special?
> Because RSASHA1 validation still is a MUST in RFC8624? MD5 is and ED is
> not.
>
> I don't know if disabled EC curves is a real world problem, but
> ECDSAP256SHA256 is also a MUST and should get the same treatment.
>
> IMHO you should not allow the server to start up with a non-compliant
> configuration without making sure the administrator is aware of the
> problem.  A log warning is sort of a minimum.  Personally I'd prefer the
> server to die by default.  It is unsuitable as a validating resolver and
> forcing administrators to find that out the hard way is not very nice.
>
>
> Bjørn

I do not think all servers should fail to start on CentOS Stream 9, 
RHEL9 and derivatives. Yes, I have also hit the issue that it does not report at all which 
algorithms are ready to use. But the DEFAULT crypto policy on those 
distributions simply does not allow validation of SHA-1 based signatures 
to succeed. It is suitable for all other algorithms, so I disagree that 
without algorithms 5 and 7 it is not usable at all. The majority of secured 
domains use stronger algorithms already.

I think it might report at least a single line with a list of successfully 
initialized algorithms. So it would not report that RSASHA1 is not available, 
but a list of algorithms which are available in this build AND runtime 
environment. I think such a list would be short enough.

Administrators should be aware of those issues by reading release notes 
on affected distributions. They should not be surprised so much.

Regards,
Petr