DNSSec mess with SHA1
Wolfgang Riedel
Wolfgang.Riedel at f1-consult.com
Wed Dec 20 17:17:40 UTC 2023
Hi Folks,
Many thanks for you feedback and insights.
I didn’t wanted to say that this is an ISC issue or something I expected someone to fix.
I just wanted to get your opinions and maybe provide a solution as I am not the only one facing that challenge ;-)
Yes, it may be a distribution packing or installation issue outside of BIND but nevertheless it’s impacting DNS resolution in a negative way.
Anyway, the easy solution to get it working without creating DNSSEC exceptions lists is:
update-crypto-policies --set LEGACY
… but I still think the right way would be getting people signing their zones with ED25519 or ED448 as mentioned by Scott.
The following table lists the implementation recommendations for DNSKEY algorithms [DNSKEY-IANA].
+--------+--------------------+-----------------+-------------------+
| Number | Mnemonics | DNSSEC Signing | DNSSEC Validation |
+--------+--------------------+-----------------+-------------------+
| 1 | RSAMD5 | MUST NOT | MUST NOT |
| 3 | DSA | MUST NOT | MUST NOT |
| 5 | RSASHA1 | NOT RECOMMENDED | MUST |
| 6 | DSA-NSEC3-SHA1 | MUST NOT | MUST NOT |
| 7 | RSASHA1-NSEC3-SHA1 | NOT RECOMMENDED | MUST |
| 8 | RSASHA256 | MUST | MUST |
| 10 | RSASHA512 | NOT RECOMMENDED | MUST |
| 12 | ECC-GOST | MUST NOT | MAY |
| 13 | ECDSAP256SHA256 | MUST | MUST |
| 14 | ECDSAP384SHA384 | MAY | RECOMMENDED |
| 15 | ED25519 | RECOMMENDED | RECOMMENDED |
| 16 | ED448 | MAY | RECOMMENDED |
+--------+--------------------+-----------------+-------------------+
I still puzzled why root zones can’t get it done to re-singn their zones with a decent algorithm and that organisations like NIST are still on SHA1…
Cheers and many thanks,
Wolfgang
On 15. Dec 2023, at 23:11, Mark Andrews <marka at isc.org> wrote:
They haven’t removed sha1 they have removed certain uses of sha1. If they ever remove sha1 we will just add an implementation for sha1.
--
Mark Andrews
On 16 Dec 2023, at 01:09, Scott Morizot <tmorizot at gmail.com> wrote:
On Fri, Dec 15, 2023 at 7:40 AM Petr Špaček <pspacek at isc.org<mailto:pspacek at isc.org>> wrote:
We do runtime detection at startup because it's configurable, build time
would not work properly.
Okay, that makes sense. However, if I understood the scenario correctly, it seems like that configuration should then generate a runtime error or at least report that DNSSEC validation has been disabled. The description involved removing support for SHA1 entirely from the underlying system configuration. If that's the case then I don't see how DNSSEC validation can be reliably performed at all. It's not like introducing a new DNSSEC algorithm or removing support for an older DNSSEC algorithm. SHA1 is used to generate the hash label in NSEC3. I know that's been discussed on dnsops, but it hasn't changed. And from algorithm 8 on, there haven't been separate algorithms with and without NSEC3. Rather it's an option that can be configured for signing on a zone by zone basis. So if SHA1 isn't available, I don't see how any of the DNSSEC algorithms could truly be considered supported on the system.
That's making me curious enough that I might see if I can set up a system where I could reproduce that scenario and see what happens. Unless it's already part of your test suite and you know the answer, of course.
Scott
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20231220/29a2a0f5/attachment.htm>
More information about the bind-users
mailing list