I think I have spotted a lacuna or possibly erratum in RFC 7344.

In section 4.1 bullet 2 it says:

   o  Signer: MUST be signed with a key that is represented in both the
      current DNSKEY and DS RRsets, unless [unusual case]

This allows a setup where

* the DNSKEY RRset contains a ZSK and a KSK

* the DNSKEY RRset is signed by the KSK (of course)

* the CDS and CDNSKEY RRsets are signed by the ZSK (weirdly)

* the parent contains DS records corresponding to both the KSK (of
  course) and the ZSK (weirdly)

In this weird setup the ZSK's DS can't authenticate the delegation (per
RFC 4035 section 5.2) but it does authenticate the CDS/CDNSKEY RRsets.

Is this intended?

Or was RFC 7344 supposed to say something like:

   o  Signer: MUST be signed with a DNSKEY RR that authenticates the
      delegation as described in RFC 4035 section 5.2 or any subsequent
      updates, unless [unusual case]

One particularly relevant update is RFC 4509 which has extra requirements
about ignoring SHA-1 DS records if SHA-2 records are present. Should this
check also apply to CDS / CDNSKEY RRsets?

Tony.
-- 
f.anthony.n.finch  <d...@dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Portland, Plymouth: Cyclonic, mainly west or southwest, 5 to 7. Moderate or
rough. Rain then showers. Moderate or poor, becoming good.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
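An added illustration of the two readings discussed above (this is example code written for this page, not part of the message, of RFC 7344 or of any DNS implementation). It builds the "weird" setup with constructed key material for a hypothetical zone `example.`, derives DS records and key tags the way RFC 4034 specifies, applies the RFC 4509 SHA-1/SHA-256 precedence rule to the parent's DS set, and then evaluates the CDS/CDNSKEY signer under (a) the literal RFC 7344 §4.1 wording and (b) the proposed "authenticates the delegation per RFC 4035 §5.2" wording. Cryptographic RRSIG verification is assumed to have happened already; the sets `dnskey_signers` and `cds_signers` stand in for the key tags of the RRSIGs that verified, which is an assumption of this example.

```python
import hashlib
from dataclasses import dataclass

# Hypothetical zone used throughout; all key material below is constructed.
OWNER = "example."
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}  # DS digest types (RFC 4034 / RFC 4509)


@dataclass(frozen=True)
class DNSKEY:
    flags: int
    algorithm: int
    public_key: bytes
    protocol: int = 3

    def rdata(self) -> bytes:
        # RFC 4034 section 2.1 wire layout: flags, protocol, algorithm, public key
        return self.flags.to_bytes(2, "big") + bytes([self.protocol, self.algorithm]) + self.public_key

    def key_tag(self) -> int:
        # RFC 4034 Appendix B key tag computed over the RDATA
        ac = 0
        for i, b in enumerate(self.rdata()):
            ac += b if i & 1 else b << 8
        ac += (ac >> 16) & 0xFFFF
        return ac & 0xFFFF

    def is_zone_key(self) -> bool:
        # RFC 4035 section 5.2: Zone Key flag (bit 7) set and protocol 3
        return bool(self.flags & 0x0100) and self.protocol == 3


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int
    digest_type: int  # 1 = SHA-1, 2 = SHA-256
    digest: bytes


def owner_wire(name: str) -> bytes:
    # Canonical (lowercase) wire-format owner name, as used in the DS digest input
    out = b"".join(bytes([len(l)]) + l.lower().encode() for l in name.rstrip(".").split(".") if l)
    return out + b"\x00"


def make_ds(owner: str, key: DNSKEY, digest_type: int) -> DS:
    # RFC 4034 section 5.1.4: digest = H(owner name | DNSKEY RDATA)
    digest = DIGESTS[digest_type](owner_wire(owner) + key.rdata()).digest()
    return DS(key.key_tag(), key.algorithm, digest_type, digest)


def ds_matches(ds: DS, owner: str, key: DNSKEY) -> bool:
    if ds.digest_type not in DIGESTS or ds.key_tag != key.key_tag() or ds.algorithm != key.algorithm:
        return False
    return ds.digest == DIGESTS[ds.digest_type](owner_wire(owner) + key.rdata()).digest()


def usable_ds(ds_set):
    # RFC 4509 section 3: ignore SHA-1 DS records when a SHA-256 DS record is present
    if any(ds.digest_type == 2 for ds in ds_set):
        return [ds for ds in ds_set if ds.digest_type != 1]
    return list(ds_set)


def keys_matched_by_ds(owner, dnskeys, ds_set):
    return {k for k in dnskeys if any(ds_matches(ds, owner, k) for ds in ds_set)}


def signer_ok_rfc7344_literal(owner, dnskeys, ds_set, cds_signers, apply_rfc4509=True):
    """Literal RFC 7344 4.1 bullet 2: signer is represented in both DNSKEY and DS RRsets."""
    ds_set = usable_ds(ds_set) if apply_rfc4509 else list(ds_set)
    return any(k.key_tag() in cds_signers for k in keys_matched_by_ds(owner, dnskeys, ds_set))


def signer_ok_authenticates_delegation(owner, dnskeys, ds_set, dnskey_signers, cds_signers,
                                       apply_rfc4509=True):
    """Proposed wording: signer must be a DS-matched zone key that also signs the DNSKEY
    RRset, i.e. the key that authenticates the delegation per RFC 4035 section 5.2."""
    ds_set = usable_ds(ds_set) if apply_rfc4509 else list(ds_set)
    return any(k.is_zone_key() and k.key_tag() in dnskey_signers and k.key_tag() in cds_signers
               for k in keys_matched_by_ds(owner, dnskeys, ds_set))


def weird_setup():
    # Constructed keys: the public-key bytes are placeholders, not real key material.
    ksk = DNSKEY(flags=257, algorithm=13, public_key=bytes(range(64)))
    zsk = DNSKEY(flags=256, algorithm=13, public_key=bytes(range(64, 128)))
    return {
        "ksk": ksk, "zsk": zsk, "dnskeys": [ksk, zsk],
        "parent_ds": [make_ds(OWNER, ksk, 2), make_ds(OWNER, zsk, 2)],  # ZSK DS is the weird part
        "dnskey_signers": {ksk.key_tag()},  # DNSKEY RRset signed by the KSK only
        "cds_signers": {zsk.key_tag()},     # CDS/CDNSKEY signed by the ZSK only
    }


if __name__ == "__main__":
    s = weird_setup()
    print("literal RFC 7344 check:", signer_ok_rfc7344_literal(OWNER, s["dnskeys"], s["parent_ds"], s["cds_signers"]))
    print("authenticates-delegation check:", signer_ok_authenticates_delegation(
        OWNER, s["dnskeys"], s["parent_ds"], s["dnskey_signers"], s["cds_signers"]))
```

With the weird setup the literal check accepts the ZSK-signed CDS while the stricter check rejects it, which is exactly the gap the message points at. Swapping the ZSK's DS for a SHA-1 record while the KSK keeps a SHA-256 one shows the RFC 4509 question: with the precedence rule applied the ZSK's DS is ignored and even the literal check fails; without it, it passes.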
