I think I have spotted a lacuna or possibly erratum in RFC 7344. In section 4.1 bullet 2 it says:

  o Signer: MUST be signed with a key that is represented in both the
    current DNSKEY and DS RRsets, unless [unusual case]

This allows a setup where

* the DNSKEY RRset contains a ZSK and a KSK
* the DNSKEY RRset is signed by the KSK (of course)
* the CDS and CDNSKEY RRsets are signed by the ZSK (weirdly)
* the parent contains DS records corresponding to both the KSK (of course) and the ZSK (weirdly)

In this weird setup the ZSK's DS can't authenticate the delegation (per RFC 4035 section 5.2) but it does authenticate the CDS/CDNSKEY RRsets.

Is this intended? Or was RFC 7344 supposed to say something like:

  o Signer: MUST be signed with a DNSKEY RR that authenticates the
    delegation as described in RFC 4035 section 5.2 or any subsequent
    updates, unless [unusual case]

One particularly relevant update is RFC 4509 which has extra requirements about ignoring SHA-1 DS records if SHA-2 records are present. Should this check also apply to CDS / CDNSKEY RRsets?

Tony.

-- 
f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode
Portland, Plymouth: Cyclonic, mainly west or southwest, 5 to 7. Moderate or rough. Rain then showers. Moderate or poor, becoming good.
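An added illustration, not part of the post above: a small Python model of the two candidate signer checks for CDS/CDNSKEY (the RFC 7344 wording versus the delegation-based wording), run against a constructed version of the "weird setup". The record classes, key tags and function names are assumptions made for the example, not anything defined by the RFCs.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class DNSKEY:
    tag: int               # key tag, as referenced by a DS record
    sep: bool              # SEP bit: True for the KSK, False for the ZSK
    zone_key: bool = True  # Zone Key flag (bit 7), required by RFC 4035 5.2


@dataclass(frozen=True)
class DS:
    tag: int
    digest_type: int       # 1 = SHA-1, 2 = SHA-256


def rfc7344_signer_ok(signer, dnskeys, ds_set):
    """RFC 7344 section 4.1 bullet 2 as written: the signing key must be
    represented in both the current DNSKEY RRset and the current DS RRset."""
    return signer in dnskeys and any(ds.tag == signer.tag for ds in ds_set)


def usable_ds(ds_set):
    """RFC 4509 section 3: ignore SHA-1 DS records if SHA-256 ones are present."""
    if any(ds.digest_type == 2 for ds in ds_set):
        return frozenset(ds for ds in ds_set if ds.digest_type != 1)
    return frozenset(ds_set)


def delegation_signer_ok(signer, dnskeys, dnskey_rrset_signers, ds_set):
    """The stricter reading proposed in the post: the signing key must
    authenticate the delegation per RFC 4035 section 5.2 (a usable DS matches
    it, it has the Zone Key flag, and it signed the DNSKEY RRset)."""
    return (signer in dnskeys and signer.zone_key
            and signer in dnskey_rrset_signers
            and any(ds.tag == signer.tag for ds in usable_ds(ds_set)))


# Constructed "weird setup" from the post (key tags are made up):
KSK = DNSKEY(tag=11111, sep=True)
ZSK = DNSKEY(tag=22222, sep=False)
DNSKEYS = frozenset({KSK, ZSK})
DNSKEY_RRSET_SIGNERS = frozenset({KSK})              # DNSKEY RRset signed by KSK only
PARENT_DS = frozenset({DS(11111, 2), DS(22222, 2)})  # parent has DS for both keys


def weird_setup_results(cds_signer=ZSK):
    """Returns (passes RFC 7344 wording, passes delegation-based wording)."""
    return (rfc7344_signer_ok(cds_signer, DNSKEYS, PARENT_DS),
            delegation_signer_ok(cds_signer, DNSKEYS, DNSKEY_RRSET_SIGNERS, PARENT_DS))


if __name__ == "__main__":
    print("CDS signed by ZSK:", weird_setup_results(ZSK))  # (True, False)
    print("CDS signed by KSK:", weird_setup_results(KSK))  # (True, True)
```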