> On 21 Jun 2018, at 2:37 am, Mukund Sivaraman <m...@mukund.org> wrote:
>
> On Wed, Jun 20, 2018 at 09:48:40AM +1000, Mark Andrews wrote:
>> Donald Eastlake’s early DNSSEC work had a working zone signature. It doesn’t
>> require signing each message. It’s just relatively expensive to compute for
>> large zones as it requires hashing the entire zone.
>>
>> RFC 2065 4.1.3 Zone Transfer (AXFR) SIG.
>>
>> Note this is SIG(AXFR) not SIG(0).
>
> doc/misc/dnssec in the BIND tree has this text by Andreas Gustafsson
> from 2001:
>
> Secure Zone Transfers
>
> BIND 9 does not implement the zone transfer security mechanisms of
> RFC2535 section 5.6, and we have no plans to implement them in the
> future as we consider them inferior to the use of TSIG or SIG(0) to
> ensure the integrity of zone transfers.
>
> I wonder what the reasons for "inferior" were.
>
> Mukund
When you are getting data from a source that you know to be authoritative and well behaved, you only need to ensure that there is no corruption or MITM in the transfer. TSIG and SIG(0) work well for those scenarios. When you have an untrusted source, SIG(AXFR) is better as it is generated by the ultimate source. That does come at a cost, as does validating the transfer, as both require processing the entire zone in a specified order. Horses for courses.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: ma...@isc.org

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
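An added illustration of the trade-off discussed above (not code from the thread, BIND or RFC 2065): a whole-zone digest has to be computed over the zone in a specified canonical order, so that every copy of the zone produces the same value no matter what order the AXFR stream delivered the records in, whereas a TSIG-style MAC covers only one message between two peers. SHA-256 and HMAC over a simplified textual record form stand in for the real wire formats and signature algorithms, and the zone data is constructed.

```python
"""Whole-zone digest (SIG(AXFR)-style) vs per-message MAC (TSIG-style).

Simplified illustration: hashing replaces the real signature, and records
are plain (owner, type, rdata) tuples rather than wire-format RRs.
"""
import hashlib
import hmac

# Constructed sample zone; note the deliberately mixed-case owner name.
ZONE = [
    ("example.", "SOA", "ns1.example. hostmaster.example. 1 3600 900 604800 86400"),
    ("www.example.", "A", "192.0.2.10"),
    ("Example.", "NS", "ns1.example."),
    ("ns1.example.", "A", "192.0.2.1"),
]


def canonical_name_key(name: str) -> tuple:
    # DNSSEC canonical name order (RFC 4034 s6.1): compare labels from the
    # root leftwards, case-insensitively.
    labels = [lbl.lower().encode() for lbl in name.rstrip(".").split(".")]
    return tuple(reversed(labels))


def canonical_order(records):
    # Sort by canonical owner, then type, then rdata so that two copies of
    # the same zone hash identically regardless of transfer order.
    return sorted(records, key=lambda r: (canonical_name_key(r[0]), r[1], r[2]))


def zone_digest(records) -> str:
    # Stand-in for the value a SIG(AXFR) would sign: it covers the whole
    # zone, which is the cost the thread refers to.
    h = hashlib.sha256()
    for owner, rtype, rdata in canonical_order(records):
        h.update(f"{owner.lower()} {rtype} {rdata}\n".encode())
    return h.hexdigest()


def validate_transfer(records, expected_digest: str) -> bool:
    # The receiver must also walk the entire zone in canonical order; any
    # altered, added or dropped record changes the digest.
    return hmac.compare_digest(zone_digest(records), expected_digest)


def message_mac(key: bytes, message: bytes) -> str:
    # Stand-in for a TSIG MAC: binds one message to the key shared by the
    # two peers of that hop, and nothing about the zone's ultimate origin.
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_message(key: bytes, message: bytes, mac: str) -> bool:
    return hmac.compare_digest(message_mac(key, message), mac)
```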