On Tue, 22 May 2018, Ryan Sleevi via dev-security-policy wrote:
> However, what does this buy us? Considering that the ZSKs are intentionally designed to be frequently rotated (24 - 72 hours), thus permitting weaker key sizes (RSA-512),
I don't know anyone who believes or uses these timings or key sizes. It might be done as an _attack_ but it would be a very questionable deployment. I know of 12400 512 bit RSA ZSKs in a total of about 6.5 million. And I consider those to be an operational mistake.
> However, let us not pretend that recording the bytes-on-the-wire DNS responses, including for DNSSEC, necessarily helps us achieve some goal about repudiation. Rather, it helps us identify issues such as what LE highlighted - a need for quick and efficient information scanning to discover possible impact - which is hugely valuable in its own right, and is an area where I am certain that a majority of CAs are woefully lagging in. That LE recorded this at all, beyond simply "checked DNS", is more of a credit than a disservice, and a mitigating factor more than malfeasance.
I see no reason why not to log the entire chain to the root. The only exception being maliciously long chains, which you can easily cap and error out on after following about 50 DS records?

Paul
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
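Two things in the exchange above are easy to get wrong in practice: spotting a 512-bit RSA ZSK in a DNSKEY RRset (the key size is not printed anywhere; it has to be recovered from the RFC 3110 encoding of the public key), and walking the DS chain from a name up to the root with a hard cap so a pathologically deep delegation cannot make the validator log forever. The example below is added here and is not code from either poster, Let's Encrypt or any CA; the zone table, the "keys" and the cap of 50 links are constructed for the demonstration (the moduli are just byte strings of the right length, not real key pairs), and the helper names are my own.

```python
import base64
import struct

# DNSSEC algorithm numbers whose public key is RFC 3110 RSA: RSASHA1,
# RSASHA1-NSEC3-SHA1, RSASHA256, RSASHA512 (IANA registry).
RSA_ALGORITHMS = {5, 7, 8, 10}
MAX_CHAIN_HOPS = 50  # cap suggested in the post: stop after ~50 DS links


def rsa_modulus_bits(public_key_b64):
    """Modulus size in bits of an RFC 3110 encoded RSA public key.
    Layout: exponent length (1 octet, or 0 + 2 octets if >255), exponent, modulus."""
    raw = base64.b64decode(public_key_b64)
    if not raw:
        raise ValueError("empty public key")
    explen, offset = raw[0], 1
    if explen == 0:
        explen = struct.unpack("!H", raw[1:3])[0]
        offset = 3
    modulus = raw[offset + explen:]
    if not modulus:
        raise ValueError("no modulus in key")
    # RFC 3110 forbids leading zero octets, so bit_length is the key size.
    return int.from_bytes(modulus, "big").bit_length()


def parse_dnskey(owner, rdata):
    """Parse DNSKEY presentation format 'flags proto alg base64key'."""
    flags, proto, alg, key = rdata.split(None, 3)
    flags, alg = int(flags), int(alg)
    key = "".join(key.split())  # base64 may be wrapped across several tokens
    role = "KSK" if flags & 0x0001 else "ZSK"  # SEP bit set -> treated as KSK
    bits = rsa_modulus_bits(key) if alg in RSA_ALGORITHMS else None
    return {"owner": owner, "flags": flags, "alg": alg, "role": role, "bits": bits}


def walk_to_root(name, zones, max_hops=MAX_CHAIN_HOPS):
    """Collect DNSKEY and DS records at every zone cut from `name` up to '.'.
    `zones` maps zone name -> {'dnskey': [...], 'ds': [...]}; names not present
    are plain labels, not cuts. Raises RuntimeError past `max_hops` DS links."""
    labels = [] if name == "." else name.rstrip(".").split(".")
    cuts = [".".join(labels[i:]) + "." for i in range(len(labels))] + ["."]
    chain, hops = [], 0
    for cut in cuts:
        zone = zones.get(cut)
        if zone is None:
            continue
        if cut != ".":
            hops += 1
            if hops > max_hops:
                raise RuntimeError(f"DS chain exceeds {max_hops} links at {cut}")
        chain.append({"zone": cut, "dnskey": zone["dnskey"], "ds": zone.get("ds", [])})
    return chain


def weak_rsa_keys(chain, min_bits=1024):
    """Every RSA DNSKEY in the logged chain whose modulus is below min_bits."""
    parsed = [parse_dnskey(z["zone"], rd) for z in chain for rd in z["dnskey"]]
    return [k for k in parsed if k["bits"] is not None and k["bits"] < min_bits]


def chain_is_bounded(name, zones, max_hops=MAX_CHAIN_HOPS):
    """True if the walk finishes within the cap, False if it had to bail out."""
    try:
        walk_to_root(name, zones, max_hops)
        return True
    except RuntimeError:
        return False


# --- constructed test data (not real keys) ---------------------------------
def build_rsa_public_key(exponent, modulus_bytes):
    """Encode exponent/modulus per RFC 3110 for the examples."""
    exp = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    if len(exp) < 256:
        raw = bytes([len(exp)]) + exp + modulus_bytes
    else:
        raw = b"\x00" + struct.pack("!H", len(exp)) + exp + modulus_bytes
    return base64.b64encode(raw).decode()


WEAK_MODULUS = bytes([0x80]) + b"\x11" * 63      # 64 octets -> 512-bit modulus
STRONG_MODULUS = bytes([0xC3]) + b"\x22" * 255   # 256 octets -> 2048-bit modulus

ZONES = {
    ".": {"dnskey": ["257 3 8 " + build_rsa_public_key(65537, STRONG_MODULUS)], "ds": []},
    "com.": {"dnskey": ["256 3 8 " + build_rsa_public_key(65537, STRONG_MODULUS)],
             "ds": ["30909 8 2 constructed-digest-for-com"]},
    "example.com.": {"dnskey": ["257 3 8 " + build_rsa_public_key(65537, STRONG_MODULUS),
                                "256 3 8 " + build_rsa_public_key(65537, WEAK_MODULUS)],
                     "ds": ["31589 8 2 constructed-digest-for-example"]},
}


def deep_zones(depth):
    """Pathological delegation with a zone cut at every label, `depth` deep."""
    zones, name = {".": {"dnskey": [], "ds": []}}, ""
    for i in range(depth):
        name = f"l{i}." + name
        zones[name] = {"dnskey": [], "ds": ["placeholder"]}
    return zones, name


if __name__ == "__main__":
    chain = walk_to_root("www.example.com.", ZONES)
    for z in chain:
        print(z["zone"], len(z["dnskey"]), "DNSKEY,", len(z["ds"]), "DS")
    for k in weak_rsa_keys(chain):
        print("weak", k["role"], "at", k["owner"], f"{k['bits']} bits")
    print("60-deep chain bounded:", chain_is_bounded(deep_zones(60)[1], deep_zones(60)[0]))
```

The walk records DNSKEY and DS at each cut in the order a validator would follow them, which is the cheap "scan for impact later" record the thread values; the size check runs over that log rather than over live DNS, so a CA can re-audit old validations without re-querying. Real DNSKEY RDATA is fed in exactly as printed by `dig`, base64 wrapping included.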