headers
internet-drafts | 13 Apr 2012 09:11
Picon
Favicon

I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item
of the Domain Name System Operations Working Group of the IETF.

	Title           : DNSSEC Operational Practices, Version 2
	Author(s)       : Olaf M. Kolkman
                          W. (Matthijs) Mekking
	Filename        : draft-ietf-dnsop-rfc4641bis-11.txt
	Pages           : 79
	Date            : 2012-04-13

   This document describes a set of practices for operating the DNS with
   security extensions (DNSSEC).  The target audience is zone
   administrators deploying DNSSEC.

   The document discusses operational aspects of using keys and
   signatures in the DNS.  It discusses issues of key generation, key
   storage, signature generation, key rollover, and related policies.

   This document obsoletes RFC 4641 as it covers more operational ground
   and gives more up-to-date requirements with respect to key sizes and
   the DNSSEC operations.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-dnsop-rfc4641bis-11.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
(Continue reading)

Permalink | Reply |
headers
Matthijs Mekking | 13 Apr 2012 09:13
Picon
Favicon

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt


FYI: This version adopts the review items from Alfred and Marc.

Best regards,
  Matthijs

On 04/13/2012 09:11 AM, internet-drafts <at> ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This draft is a work item of the Domain Name System
> Operations Working Group of the IETF.
> 
> Title           : DNSSEC Operational Practices, Version 2 Author(s)
> : Olaf M. Kolkman W. (Matthijs) Mekking Filename        :
> draft-ietf-dnsop-rfc4641bis-11.txt Pages           : 79 Date
> : 2012-04-13
> 
> This document describes a set of practices for operating the DNS
> with security extensions (DNSSEC).  The target audience is zone 
> administrators deploying DNSSEC.
> 
> The document discusses operational aspects of using keys and 
> signatures in the DNS.  It discusses issues of key generation, key 
> storage, signature generation, key rollover, and related policies.
> 
> This document obsoletes RFC 4641 as it covers more operational
> ground and gives more up-to-date requirements with respect to key
> sizes and the DNSSEC operations.
> 
>
(Continue reading)

Permalink | Reply |
headers
Suresh Krishnaswamy | 18 May 2012 20:30

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt

I'm reading 4641bis after a really long time and the current version appears useful and very well done. So
I'd like to applaud the editors and working group for bringing this document into such good shape.

Leaving aside the nits, here are some of my comments on -11.

3.2.1.  Rolling a KSK that is not a trust anchor
   There are 3 schools of thought on rolling a KSK that is not a trust
   anchor:

   o  It should be done frequently and regularly (possibly every few
      months) so that a key rollover remains an operational routine.

   o  It should be done frequently but irregularly.  Frequently meaning
      every few months, again based on the argument that a rollover is a
      practiced and common operational routine, and irregular meaning
      with a large jitter, so that 3rd parties do not start to rely on
      the key and will not be tempted to configure it as a trust anchor.

   o  It should only be done when it is known or strongly suspected that
      the key can be or has been compromised, or when a new algorithm or
      key storage is required.

SK> I'd add a fourth:

   o  It should be done in conjunction with operator change policies and
      procedures so that new operators are adequately prepared to conduct
      unscheduled key rollover operations should the need arise.

-----------------------------
(Continue reading)

Permalink | Reply |
headers
Paul Hoffman | 18 May 2012 20:59

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt

On May 18, 2012, at 11:30 AM, Suresh Krishnaswamy wrote:

> I'm reading 4641bis after a really long time and the current version appears useful and very well done. So
I'd like to applaud the editors and working group for bringing this document into such good shape.
> 
> Leaving aside the nits, here are some of my comments on -11.
> 
> 
> 3.2.1.  Rolling a KSK that is not a trust anchor
>   There are 3 schools of thought on rolling a KSK that is not a trust
>   anchor:
> 
>   o  It should be done frequently and regularly (possibly every few
>      months) so that a key rollover remains an operational routine.
> 
>   o  It should be done frequently but irregularly.  Frequently meaning
>      every few months, again based on the argument that a rollover is a
>      practiced and common operational routine, and irregular meaning
>      with a large jitter, so that 3rd parties do not start to rely on
>      the key and will not be tempted to configure it as a trust anchor.
> 
>   o  It should only be done when it is known or strongly suspected that
>      the key can be or has been compromised, or when a new algorithm or
>      key storage is required.
> 
> 
> SK> I'd add a fourth:
> 
>   o  It should be done in conjunction with operator change policies and
>      procedures so that new operators are adequately prepared to conduct
(Continue reading)

Permalink | Reply |
headers
Olaf Kolkman | 21 May 2012 11:40
Picon
Favicon

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt


On May 18, 2012, at 8:30 PM, Suresh Krishnaswamy wrote:

I'm reading 4641bis after a really long time and the current version appears useful and very well done. So I'd like to applaud the editors and working group for bringing this document into such good shape.

Leaving aside the nits, here are some of my comments on -11.

Suresh,

<serious>
Thanks you for the comments, and Paul for the followup. 
</serious>

<sarcasm>
They are very timely since the DNSOP chairs are currently scheduling time to review the document after the last call for this document closed about a year ago.
</sarcasm>

<serious>
Chairs, would you like us to incorporate (some of, see comments from Paul H.) the suggestions in the document _now_ or after you have done your review?

Can you please make sure this document is at the IESG before June? 

</serious>


--Olaf





NLnet
Labs
Olaf M. Kolkman


Science Park 400, 1098 XH Amsterdam, The Netherlands



_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Olaf Kolkman | 1 Jun 2012 11:00
Picon
Favicon

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt


Dear Chairs,


Some friendly reminders...


On May 21, 2012, at 11:40 AM, Olaf Kolkman wrote:

Chairs, would you like us to incorporate (some of, see comments from Paul H.) the suggestions in the document _now_ or after you have done your review?

This question has been left unanswered.



Can you please make sure this document is at the IESG before June? 

This question has been left unanswered too.



2011-06-27 06 Peter Koch IETF state changed to In WG Last Call from WG Document

2011-12-05 08 Peter Koch IETF state changed to WG Consensus: Waiting for Write-Up from In WG Last
Call

2011-12-05 08 Peter Koch WGLC discussion on the list did not raise objections


That is almost 6 month now. Granted, we have had some comments coming in after the WGLC ended, all of the type that would make reasonable errata. Besides, that is a sign that people take the effort to find and read the draft, to me an indication that there is a need for this document to be published.

Please give us an indication when this document will be submitted to the IESG.


--Olaf



NLnet
Labs
Olaf M. Kolkman


Science Park 400, 1098 XH Amsterdam, The Netherlands



_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
SM | 1 Jun 2012 23:03

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt

Dear Internet Engineering Steering Group,
At 02:00 01-06-2012, Olaf Kolkman wrote:
>That is almost 6 month now. Granted, we have had some comments 
>coming in after the WGLC ended, all of the type that would make 
>reasonable errata. Besides, that is a sign that people take the 
>effort to find and read the draft, to me an indication that there is 
>a need for this document to be published.

Is the DNSOP WG still active?  I am asking this question because:

  (a) The WG charter lists milestones dated Sep 2007.

  (b) It has been over five months since draft-ietf-dnsop-rfc4641bis-11
      is waiting for Write-Up.

Regards,
-sm 

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Stephen Morris | 2 Jun 2012 02:06

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt

On 01/06/2012 22:03, SM wrote:
> Dear Internet Engineering Steering Group, At 02:00 01-06-2012,
> Olaf Kolkman wrote:
>> That is almost 6 month now. Granted, we have had some comments 
>> coming in after the WGLC ended, all of the type that would make 
>> reasonable errata. Besides, that is a sign that people take the 
>> effort to find and read the draft, to me an indication that
>> there is a need for this document to be published.
> 
> Is the DNSOP WG still active?  I am asking this question because:

Yes, the WG is still active.

> (a) The WG charter lists milestones dated Sep 2007.

Guilty as charged I'm afraid.

On behalf of the chairs, I can only apologise to the WG for neglecting
to review and update the milestones.

> (b) It has been over five months since 
> draft-ietf-dnsop-rfc4641bis-11 is waiting for Write-Up.

As you rightly say, progress on this this is overdue.  However things
have started to move - I undertook a nits review of the -11 version of
the draft earlier this week and the results are now with the editors.
Peter (the document shepherd) also has a few comments and will be
sending them to the editors as well as summarising them on the list.

At the last WG meeting, we also said we would progress one other draft:

draft-ietf-dnsop-dnssec-dps-framework:
This has passed the WGLC.  The final nits review has been done and the
draft is back with the editors for corrections.  A short summary of
the review was posted to the list last month.  Once a new version has
been submitted, it will be passed to the IESG along with the write-up
(which has already been prepared).

A question outstanding - and one for which I am seeking clarification
- concerns the correct copyright notice.  The draft is based heavily on
RFC 3647, but the copyright notice for that is more restrictive than the
one on this draft.  Presumably this means additional copyright text -
but I'm not certain of the implications (if any) of the fact that
earlier versions of this draft have been published with the less
restrictive copyright notice.

So in summary, I'm afraid that the chairs have been somewhat bad at
the housekeeping and apologise to the WG for that.  However, WG is
definitely alive and drafts are being progressed.

Stephen
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
SM | 2 Jun 2012 03:01

draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)

Hi Stephen,
At 17:06 01-06-2012, Stephen Morris wrote:
>Yes, the WG is still active.

Thanks for the quick reply.

>On behalf of the chairs, I can only apologise to the WG for neglecting
>to review and update the milestones.

Would it be possible to update the milestones as it is easier to get 
a sense of what work items to track?

>A question outstanding - and one for which I am seeking clarification
>- concerns the correct copyright notice.  The draft is based heavily on
>RFC 3647, but the copyright notice for that is more restrictive than the
>one on this draft.  Presumably this means additional copyright text -
>but I'm not certain of the implications (if any) of the fact that
>earlier versions of this draft have been published with the less
>restrictive copyright notice.

What follows is an informal comment.

The authors of draft-ietf-dnsop-dnssec-dps-framework-07 have stated that:

   "This Internet-Draft is submitted in full conformance with the
    provisions of BCP 78 and BCP 79."

It is simply a matter of asking them an appropriate question. :-)  I 
note that the listed affiliations are Kirei AB, .SE and ICANN.

Quoting Section 1.1:

    "Even though this document is heavily inspired by the Internet X.509
     Public Key Infrastructure Certificate Policy and Certification
     Practices Framework [RFC3647], with large parts being drawn from that
     document"

I don't see any mention of that in the Acknowledgements Section of the draft.

There is a pre5378 license clause which was used in an update of a 
RFC which predates RFC 3647.  This draft is a different and unusual 
case.  BTW, it is easier to let the previous versions of the draft to expire.

Regards,
-sm  

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Fredrik Ljunggren | 2 Jun 2012 15:05
Picon
Gravatar

Re: draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)


On 2012-06-02, at 03:01, SM wrote:

> Quoting Section 1.1:
> 
>   "Even though this document is heavily inspired by the Internet X.509
>    Public Key Infrastructure Certificate Policy and Certification
>    Practices Framework [RFC3647], with large parts being drawn from that
>    document"
> 
> I don't see any mention of that in the Acknowledgements Section of the draft.

Thanks for pointing that out. We should add acknowledgement to the work of the 3647 and its predecessor 2527
to the acknowledgements section.

-- Fredrik

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Joe Abley | 2 Jun 2012 15:51
Picon
Favicon

Re: draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)

On 2012-06-01, at 21:04, "SM" <sm <at> resistor.net> wrote:

> The authors of draft-ietf-dnsop-dnssec-dps-framework-07 have stated that:
> 
>   "This Internet-Draft is submitted in full conformance with the
>    provisions of BCP 78 and BCP 79."
> 
> It is simply a matter of asking them an appropriate question. :-)  I 
> note that the listed affiliations are Kirei AB, .SE and ICANN.

If I can take the liberty of anticipating the nature of the appropriate question, the answer from ICANN
would be whatever best facilitates the document's timely publication.

Joe
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
SM | 2 Jun 2012 17:12

Re: draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)

Hi Joe,
At 06:51 02-06-2012, Joe Abley wrote:
>If I can take the liberty of anticipating the nature of the 
>appropriate question, the answer from ICANN would be whatever best 
>facilitates the document's timely publication.

Someone could take a look at information available at 
http://trustee.ietf.org/ and choose the appropriate copyright license 
for the draft.  That would facilitate the timely publication.

Regards,
-sm 

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Anne-Marie Eklund-Löwinder | 2 Jun 2012 19:55
Picon

Re: draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)

The same for .SE. The sooner, the better. :-) I am right now holding back publishing the revised version of
the .SE DPS, since I don't want it to differ in any important part from the draft, hopefully soon to be a RFC. :-)

All the best,

Anne-Marie Eklund Löwinder
Quality & Security Manager, .SE (The Internet Infrastructure Foundation)
Direct: +46(8)-452 35 17 | Mobile: +46(73)-43 15 310 PO Box 7399, 
SE-103 91 Stockholm, Sweden
Visitors: Ringvägen 100
http://www.iis.se/en/

> -----Ursprungligt meddelande-----
> Från: Joe Abley [mailto:joe.abley <at> icann.org]
> Skickat: den 2 juni 2012 15:52
> Till: SM
> Kopia: Stephen Morris; dnsop <at> ietf.org; iesg <at> ietf.org; draft-ietf-dnsop-
> dnssec-dps-framework <at> tools.ietf.org
> Ämne: Re: [DNSOP] draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D
> Action: draft-ietf-dnsop-rfc4641bis-11.txt)
> 
> On 2012-06-01, at 21:04, "SM" <sm <at> resistor.net> wrote:
> 
> > The authors of draft-ietf-dnsop-dnssec-dps-framework-07 have stated
> that:
> >
> >   "This Internet-Draft is submitted in full conformance with the
> >    provisions of BCP 78 and BCP 79."
> >
> > It is simply a matter of asking them an appropriate question. :-)  I
> > note that the listed affiliations are Kirei AB, .SE and ICANN.
> 
> If I can take the liberty of anticipating the nature of the appropriate
> question, the answer from ICANN would be whatever best facilitates the
> document's timely publication.
> 
> 
> Joe
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Fredrik Ljunggren | 3 Jun 2012 17:48
Picon
Gravatar

Re: draft-ietf-dnsop-dnssec-dps-framework-07 (was: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt)


On 2012-06-02, at 03:01, SM wrote:

> The authors of draft-ietf-dnsop-dnssec-dps-framework-07 have stated that:
> 
>  "This Internet-Draft is submitted in full conformance with the
>   provisions of BCP 78 and BCP 79."
> 
> It is simply a matter of asking them an appropriate question. :-)  I note that the listed affiliations are
Kirei AB, .SE and ICANN.

To the best of my knowledge and as one of the authors of the document, the draft is submitted in full
conformance with BCP 78 and BCP 79. Both current and previous versions of BCP 78 allows the creation of
derivative work within the IETF standards process (which includes the Internet-Drafts function),
unless explicitly disallowed in the notices contained in a contribution.

There are no such limitations in the IPR of 3647. In addition, is seems to me as the full copyright statement
of 3647 states that some derivative works outside of the IETF standards process is allowed, provided that
the same full copyright statement is included in that document. But since this is a work which falls within
the scope of the IETF standards process, that clause does not seem to apply.

Everything above is my own laymans interpretation.

> Quoting Section 1.1:
> 
>   "Even though this document is heavily inspired by the Internet X.509
>    Public Key Infrastructure Certificate Policy and Certification
>    Practices Framework [RFC3647], with large parts being drawn from that
>    document"
> 
> I don't see any mention of that in the Acknowledgements Section of the draft.

Thanks for pointing that out, I will make sure to add the appropriate acknowledgements.

> There is a pre5378 license clause which was used in an update of a RFC which predates RFC 3647.  This draft is a
different and unusual case.

Earlier licenses seems to me to have the same provisions on derivative work. Even if this is an unusual case,
I have not yet found anything that contradicts the aforementioned conclusion on my part.

All the best,

-- Fredrik

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |
headers
Matthijs Mekking | 21 May 2012 11:43
Picon
Favicon

Re: I-D Action: draft-ietf-dnsop-rfc4641bis-11.txt


Hi Suresh,

Thanks for your review. I have commented on your feedback in between
lines.

However, I am not planning on any action now. I have lost confidence
in that this document will ever move forward. The WGLC for this
document was June 2011, should this really take so long?

So I like to see some action that gives me some confidence that I am
not working on an abide document.

Best regards,
  Matthijs

On 05/18/2012 08:30 PM, Suresh Krishnaswamy wrote:
> I'm reading 4641bis after a really long time and the current 
> version appears useful and very well done. So I'd like to applaud 
> the editors and working group for bringing this document into such 
> good shape.
> 
> Leaving aside the nits, here are some of my comments on -11.
> 
> 
> 3.2.1.  Rolling a KSK that is not a trust anchor There are 3 
> schools of thought on rolling a KSK that is not a trust anchor:
> 
> o  It should be done frequently and regularly (possibly every few 
> months) so that a key rollover remains an operational routine.
> 
> o  It should be done frequently but irregularly.  Frequently 
> meaning every few months, again based on the argument that a 
> rollover is a practiced and common operational routine, and 
> irregular meaning with a large jitter, so that 3rd parties do not 
> start to rely on the key and will not be tempted to configure it
> as a trust anchor.
> 
> o  It should only be done when it is known or strongly suspected 
> that the key can be or has been compromised, or when a new 
> algorithm or key storage is required.
> 
> 
> SK> I'd add a fourth:
> 
> o  It should be done in conjunction with operator change policies 
> and procedures so that new operators are adequately prepared to 
> conduct unscheduled key rollover operations should the need arise.

This paragraph (3.2.1) is to summarize the two camps in the discussion
whether to roll a key because of operational concerns or to roll a key
because of cryptographically concerns. The second bullet point already
is somewhat a compromise between the two, taking into account that (new)
operators are prepared for unscheduled key rollovers. The third bullet
point also covers changing policies and procedures ("when a new
algorithm or key storage is required").

I am not in favor of adding the fourth bullet point. The first two
bullet points already cover the methods to prepare (new) operators to
conduct key rollovers, unscheduled or scheduled. The third bullet point
covers changes in policies and procedures, but maybe we could change its
text to:

   o  It should only be done when it is known or strongly suspected that
      the key can be or has been compromised, or in conjunction with
      operator change policies and procedures, like when a new
      algorithm or key storage is required.

> -----------------------------
> 
> 3.2.2.  Rolling a KSK that is a trust anchor
> 
> ...
> 
> It is therefore preferred to roll KSKs that are likely to be used 
> as trust anchors on a regular basis if and only if those rollovers 
> can be tracked using standardized (e.g.  RFC 5011) mechanisms.
> 
> 
> SK> The problem with this the above para is that there is no way to
> verify that the rollovers are being tracked by automated 
> mechanisms. Perhaps the guidance ought to be:
> 
> Thus, if a KSK is intended to be used as a trust anchor it is 
> advantageous to use an aggressive rolling schedule initially, in 
> order to build confidence in the validating client's ability to 
> track these rollovers on an ongoing basis.
> 

In the second paragraph of this section, the document states that "it is
expected that the zone administrators are aware of such circumstances."
Such circumstances being the zone's keys are used as trust anchor.

So I think the current text is okay. We could clarify it by replacing
likely with expected:

                                                    vvvvvvvv
    It is therefore preferred to roll KSKs that are expected to be used
    as trust anchors on a regular basis if and only if those rollovers
    can be tracked using standardized (e.g.  RFC 5011) mechanisms.

> 
> -----------------------------
> 
> 
> 3.2.3.  The use of the SEP flag
> 
> ...
> 
> anchor.  Therefore, it is suggested that the SEP flag is set on 
> keys that are used as KSKs and not on keys that are used as ZSKs, 
> while in those cases where a distinction between KSK and ZSK is
> not made (i.e. for a Single Type signing scheme), it is suggested
> that the SEP flag is set on all keys.
> 
> Note that signing tools may assume a KSK/ZSK split and use the 
> (non) presence of the SEP flag to determine which key is to be
> used for signing zone data; these tools may get confused when a
> single type signing scheme is used.
> 
> 
> SK> Suggest deleting the second para above and adding the
> following text at the end of the first para instead.
> 
> Similarly, it is suggested that validators configure Trust Anchors
>  for only those keys that have the SEP flag set.  Signing tools 
> should not merely use the absence of the SEP flag as the sole 
> discriminator while identifying the Zone Signing Keys within a 
> keyset.

While I agree with the paragraph, I don't think it is appropriate to
include into 4641bis. First, the document is targeted at the zone
administrators, not resolver operators. In other words, I think it
should not make considerations regarding validators.

Second, the text about signing tools is not that different from the text
in -11. Only your text makes a recommendation for signing tools
developers, while the text in -11 warns about the assumptions signing
tools make with respect to the SEP bit. I think, given the targeted
audience of the document, the latter is more appropriate.

> -----------------------------
> 
> 
> 3.3.  Key Effectivity Period
> 
> ...
> 
> The motivation for having the ZSK's effectivity period shorter than
> the KSK's effectivity period is rooted in the operational 
> consideration that it is more likely that operators have more 
> frequent read access to the ZSK than to the KSK.  If ZSKs are 
> maintained on cryptographic Hardware Security Modules (HSM), then 
> the motivation to have different key effectivity periods is 
> weakened.
> 
> SK> I don't understand the rationale for the above. The effectivity
> period of the ZSK should have no relation to the number of times it
> is read (and not even on the number of signatures created using it,
> as I think I read on this list). Maybe what we want to say here is
> that
> 
> In cases where the ZSK cannot be afforded the same level of 
> protection as the KSK (such as when zone keys are kept online), and
> where the risk of unauthorized disclosure of the ZSK's private key
> is not negligible (e.g. when HSMs are not in use), the ZSK's 
> effectivity period should be kept shorter than the KSK's 
> effectivity period.
> 

I think we say the same here, but to be honest: I think your text is
more precise (although it neglects the rooted motivation for the
different effectivity periods between ZSK and KSK, I don't think that is
an issue).

> -----------------------------
> 
> 
> 4.1.2.  Key Signing Key Rollovers
> 
> ...
> 
> Since only the key set is signed with a KSK, zone size 
> considerations do not apply.
> 
> SK> However, the number of signatures in the keyset will increase. 
> That is, the response size for the DNSKEY rrset will be slightly 
> larger.

True.

> -----------------------------
> 
> 
> 4.1.3.  Difference Between ZSK and KSK Rollovers
> 
> ...
> 
> The drawbacks of this scheme are that, during the "new DS" phase, 
> the parent cannot verify the match between the DS_K_2 RR and 
> DNSKEY_K_2 using the DNS -- as DNSKEY_K_2 is not yet published. 
> Besides, we introduce a "security lame" key (see Section 4.3.3). 
> Finally, the child-parent interaction consists of two steps.  The 
> "Double Signature" method only needs one interaction.
> 
> 
> SK> Section 4.2.2 talks about the security lameness "condition" and
> security lame "zones". What is a security lame "key"?  Why is the
> introduction of a DS record that has no matching KSK in the child
> zone considered bad (as the above text suggests), given that we
> have another valid DS->KSK link between the parent and child 
> zones?

I assume you mean Section 4.3.3. A key is security lame, if the
corresponding DS is published, but its DNSKEY record not. Security
lameness is not necessarily bad, only if all keys are security lame (as
said in the text and as you also suggest). It happens if you conduct a
Double-DS rollover. However, you do not benefit from security lameness,
and validators have more options to try to build the chain of trust and
if they try the lame keys first, the do more work.

> 
> -----------------------------
> 
> 
> 5.3.3.  NSEC3 Salt
> 
> ...
> 
> However, unlike Zone Signing Key changes, NSEC3 salt changes do
> not need special rollover procedures.  It is possible to change
> the salt each time the zone is updated.
> 
> SK> There was a recent suggestion that NSEC3 salt changes also had
>  certain timing dependencies because of the need to keep the 
> NSEC3PARAM record consistent during this process. Is that a valid 
> concern, and one that must be reflected in this document?

I don't understand 'this process'. What process? The way I see it, they
are tight to the serial. Each version of a zone needs to have a complete
chain of NSEC3s and corresponding NSEC3PARAM. So they are consistent
with the serial. So you could change it every zone change and
secondaries are able to construct valid NSEC3 responses, regardless if
they are in sync with the master or not.

> 
> 
> 
> Thanks! Suresh
> 
> 
> 
> _______________________________________________ DNSOP mailing list
>  DNSOP <at> ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply |

Gmane