rfc3658.txt

非常好的dns解析软件

   This is an example of a KEY record and the corresponding DS record.

   dskey.example. KEY  256 3 1 (
                  AQPwHb4UL1U9RHaU8qP+Ts5bVOU1s7fYbj2b3CCbzNdj
                  4+/ECd18yKiyUQqKqQFWW5T3iVc8SJOKnueJHt/Jb/wt
                  ) ; key id = 28668
             DS   28668 1  1  49FD46E6C4B45C55D4AC69CBD3CD34AC1AFE51DE









Gudmundsson                 Standards Track                    [Page 13]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


3.  Resolver

3.1.  DS Example

   To create a chain of trust, a resolver goes from trusted KEY to DS to
   KEY.

      Assume the key for domain "example." is trusted.  Zone "example."
      contains at least the following records:
      example.          SOA     <soa stuff>
      example.          NS       ns.example.
      example.          KEY     <stuff>
      example.          NXT      secure.example. NS SOA KEY SIG NXT
      example.          SIG(SOA)
      example.          SIG(NS)
      example.          SIG(NXT)
      example.          SIG(KEY)
      secure.example.   NS      ns1.secure.example.
      secure.example.   DS      tag=12345 alg=3 digest_type=1 <foofoo>
      secure.example.   NXT     unsecure.example. NS SIG NXT DS
      secure.example.   SIG(NXT)
      secure.example.   SIG(DS)
      unsecure.example  NS      ns1.unsecure.example.
      unsecure.example. NXT     example. NS SIG NXT
      unsecure.example. SIG(NXT)

      In zone "secure.example." following records exist:
      secure.example.   SOA      <soa stuff>
      secure.example.   NS       ns1.secure.example.
      secure.example.   KEY      <tag=12345 alg=3>
      secure.example.   KEY      <tag=54321 alg=5>
      secure.example.   NXT      <nxt stuff>
      secure.example.   SIG(KEY) <key-tag=12345 alg=3>
      secure.example.   SIG(SOA) <key-tag=54321 alg=5>
      secure.example.   SIG(NS)  <key-tag=54321 alg=5>
      secure.example.   SIG(NXT) <key-tag=54321 alg=5>

   In this example, the private key for "example." signs the DS record
   for "secure.example.", making that a secure delegation.  The DS
   record states which key is expected to sign the KEY RRset at
   "secure.example.".  Here "secure.example." signs its KEY RRset with
   the KEY identified in the DS RRset, thus the KEY RRset is validated
   and trusted.

   This example has only one DS record for the child, but parents MUST
   allow multiple DS records to facilitate key roll-over and multiple
   KEY algorithms.




Gudmundsson                 Standards Track                    [Page 14]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


   The resolver determines the security status of "unsecure.example." by
   examining the parent zone's NXT record for this name.  The absence of
   the DS bit indicates an unsecure delegation.  Note the NXT record
   SHOULD only be examined after verifying the corresponding signature.

3.2.  Resolver Cost Estimates for DS Records

   From a RFC 2535 recursive resolver point of view, for each delegation
   followed to chase down an answer, one KEY RRset has to be verified.
   Additional RRsets might also need to be verified based on local
   policy (e.g., the contents of the NS RRset).  Once the resolver gets
   to the appropriate delegation, validating the answer might require
   verifying one or more signatures.  A simple A record lookup requires
   at least N delegations to be verified and one RRset.  For a DS-
   enabled recursive resolver, the cost is 2N+1.  For an MX record,
   where the target of the MX record is in the same zone as the MX
   record, the costs are N+2 and 2N+2, for RFC 2535 and DS,
   respectively.  In the case of a negative answer, the same ratios hold
   true.

   The recursive resolver has to do an extra query to get the DS record,
   which will increase the overall cost of resolving this question, but
   it will never be worse than chasing down NULL KEY records from the
   parent in RFC 2535 DNSSEC.

   DS adds processing overhead on resolvers and increases the size of
   delegation answers, but much less than storing signatures in the
   parent zone.

4.  Security Considerations

   This document proposes a change to the validation chain of KEY
   records in DNSSEC.  The change is not believed to reduce security in
   the overall system.  In RFC 2535 DNSSEC, the child zone has to
   communicate keys to its parent and prudent parents will require some
   authentication with that transaction.  The modified protocol will
   require the same authentication, but allows the child to exert more
   local control over its own KEY RRset.

   There is a remote possibility that an attacker could generate a valid
   KEY that matches all the DS fields, of a specific DS set, and thus
   forge data from the child.  This possibility is considered
   impractical, as on average more than

      2 ^ (160 - <Number of keys in DS set>)

   keys would have to be generated before a match would be found.




Gudmundsson                 Standards Track                    [Page 15]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


   An attacker that wants to match any DS record will have to generate
   on average at least 2^80 keys.

   The DS record represents a change to the DNSSEC protocol and there is
   an installed base of implementations, as well as textbooks on how to
   set up secure delegations.  Implementations that do not understand
   the DS record will not be able to follow the KEY to DS to KEY chain
   and will consider all zones secured that way as unsecure.

5.  IANA Considerations

   IANA has allocated an RR type code for DS from the standard RR type
   space (type 43).

   IANA has established a new registry for the DS RR type for digest
   algorithms.  Defined types are:

      0 is Reserved,
      1 is SHA-1.

   Adding new reservations requires IETF standards action.

6.  Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights.  Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11.  Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard.  Please address the information to the IETF Executive
   Director.








Gudmundsson                 Standards Track                    [Page 16]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


7.  Acknowledgments

   Over the last few years a number of people have contributed ideas
   that are captured in this document.  The core idea of using one key
   to sign only the KEY RRset comes from discussions with Bill Manning
   and Perry Metzger on how to put in a single root key in all
   resolvers. Alexis Yushin, Brian Wellington, Sam Weiler, Paul Vixie,
   Jakob Schlyter, Scott Rose, Edward Lewis, Lars-Johan Liman, Matt
   Larson, Mark Kosters, Dan Massey, Olaf Kolman, Phillip Hallam-Baker,
   Miek Gieben, Havard Eidnes, Donald Eastlake 3rd., Randy Bush, David
   Blacka, Steve Bellovin, Rob Austein, Derek Atkins, Roy Arends, Mark
   Andrews, Harald Alvestrand, and others have provided useful comments.

8.  References

8.1.  Normative References

   [RFC1035]  Mockapetris, P., "Domain Names - Implementation and
              Specification", STD 13, RFC 1035, November 1987.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2535]  Eastlake, D., "Domain Name System Security Extensions",
              RFC 2535, March 1999.

   [RFC3008]  Wellington, B., "Domain Name System Security (DNSSEC)
              Signing Authority", RFC 3008, November 2000.

   [RFC3090]  Lewis, E., "DNS Security Extension Clarification on Zone
              Status", RFC 3090, March 2001.

   [RFC3225]  Conrad, D., "Indicating Resolver Support of DNSSEC", RFC
              3225, December 2001.

   [RFC3445]  Massey, D. and S. Rose, "Limiting the scope of the KEY
              Resource Record (RR)", RFC 3445, December 2002.

8.2.  Informational References

   [RFC2181]  Elz, R. and R. Bush, "Clarifications to the DNS
              Specification", RFC 2181, July 1997.

   [RFC3226]  Gudmundsson, O., "DNSSEC and IPv6 A6 aware server/resolver
              message size requirements", RFC 3226, December 2001.






Gudmundsson                 Standards Track                    [Page 17]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


9.  Author's Address

   Olafur Gudmundsson
   3821 Village Park Drive
   Chevy Chase, MD,  20815

   EMail: ds-rfc@ogud.com












































Gudmundsson                 Standards Track                    [Page 18]

RFC 3658      Delegation Signer (DS) Resource Record (RR)  December 2003


10.  Full Copyright Statement

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.



















Gudmundsson                 Standards Track                    [Page 19]