On Wed, Jun 20, 2018 at 9:15 PM Shumon Huque <shu...@gmail.com> wrote:

> On Tue, Jun 19, 2018 at 7:15 PM Mukund Sivaraman <m...@mukund.org> wrote:
>
>>
>> There also seems to be a scalability problem with SIG(0) in that
>> generating the signature involves a public-key operation per DNS
>> message.
>>
>> For a zone transfer of the root zone from F, the AXFR contains 79
>> messages in the TCP continuation:
>>
>> ;; XFR size: 22554 records (messages 79, bytes 1335768)
>>
>
> Yup, I realize that. That was one of the reasons I mentioned that SIG(0) can
> also sign IXFR messages if they are available from the server, which could
> significantly reduce the performance impact. Thinking about it more now though,
> I recall that the current root zone management scheme isn't that conducive to
> incremental transfer, since the zone is signed monolithically twice a day
> (IIRC).
>

One other comment on this: Getting better performance than this requires
re-inventing something akin to TLS key exchange, and I was wondering if anyone
had thought of that during the development of SIG(0). And sure enough, RFC 2930
proposes (among other things) SIG(0)-authenticated symmetric key establishment
using TKEY, either via Diffie-Hellman or client-chosen key transport.

So, together with AXFR-SIG (i.e. full zone signature), Don Eastlake appears to
have long ago contemplated most of the design space around this draft and its
problem space! :-)

Shumon.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
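The cost comparison behind this exchange, as an added example that is not part of the thread or of any DNS implementation: per-message SIG(0) over the 79 messages of the quoted AXFR, against one SIG(0)-authenticated Diffie-Hellman exchange followed by an HMAC on each message, in the spirit of the TKEY approach from RFC 2930 mentioned above. Everything in it is an assumption of the example: Go's standard-library Ed25519 stands in for the server's SIG(0) key, X25519 for the RFC's Diffie-Hellman group, HMAC-SHA256 with a fixed label for the key derivation, and the message payloads are synthetic. Nothing here is RFC 2930's wire format; the exchange is modelled in-process.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SampleAXFR is a constructed stand-in for the 79-message AXFR quoted in the thread.
func SampleAXFR() [][]byte {
	msgs := make([][]byte, 79)
	for i := range msgs {
		msgs[i] = []byte(fmt.Sprintf("axfr message %02d", i+1))
	}
	return msgs
}

type OpCount struct {
	PubKey   int // sign/verify operations with the long-term SIG(0) key
	KeyAgree int // Diffie-Hellman shared-secret computations
	MAC      int // symmetric HMAC computations (cheap)
}

// PerMessageSIG0 signs and verifies every message with the long-term key: the cost raised in the thread.
func PerMessageSIG0(pub ed25519.PublicKey, priv ed25519.PrivateKey, msgs [][]byte) (OpCount, error) {
	var c OpCount
	for i, m := range msgs {
		sig := ed25519.Sign(priv, m)
		if !ed25519.Verify(pub, m, sig) {
			return c, fmt.Errorf("message %d: SIG(0) verification failed", i)
		}
		c.PubKey += 2
	}
	return c, nil
}

// hmacSHA256 both derives the MAC key and tags messages; the derivation is assumed, not RFC 2930's.
func hmacSHA256(key, data []byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(data)
	return h.Sum(nil)
}

// KeyEstablishThenMAC models the TKEY idea: one Diffie-Hellman exchange,
// authenticated by signing the server's DH value with its SIG(0) key, yields
// a symmetric key, and each AXFR message then carries a TSIG-style HMAC.
// X25519 stands in for the RFC's DH group; no TKEY RRs are built here.
func KeyEstablishThenMAC(pub ed25519.PublicKey, priv ed25519.PrivateKey, msgs [][]byte) (OpCount, error) {
	var c OpCount
	curve := ecdh.X25519()
	serverDH, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return c, err
	}
	clientDH, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return c, err
	}
	// The long-term key is used exactly once: to sign the server's DH value.
	serverDHPub := serverDH.PublicKey().Bytes()
	sig := ed25519.Sign(priv, serverDHPub)
	if !ed25519.Verify(pub, serverDHPub, sig) {
		return c, fmt.Errorf("server DH value failed SIG(0) check")
	}
	c.PubKey += 2
	// Each side combines its own private value with the peer's public value.
	serverSecret, err := serverDH.ECDH(clientDH.PublicKey())
	if err != nil {
		return c, err
	}
	clientSecret, err := clientDH.ECDH(serverDH.PublicKey())
	if err != nil {
		return c, err
	}
	c.KeyAgree += 2
	label := []byte("axfr-mac-key")
	serverKey, clientKey := hmacSHA256(serverSecret, label), hmacSHA256(clientSecret, label)
	// From here on each message costs one HMAC per side; disagreeing DH secrets would surface as a mismatch.
	for i, m := range msgs {
		if !hmac.Equal(hmacSHA256(serverKey, m), hmacSHA256(clientKey, m)) {
			return c, fmt.Errorf("message %d: MAC mismatch", i)
		}
		c.MAC += 2
	}
	return c, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil reader selects crypto/rand
	msgs := SampleAXFR()
	a, errA := PerMessageSIG0(pub, priv, msgs)
	b, errB := KeyEstablishThenMAC(pub, priv, msgs)
	fmt.Printf("per-message SIG(0):      %+v (err %v)\n", a, errA)
	fmt.Printf("TKEY-style DH then HMAC: %+v (err %v)\n", b, errB)
}
```

The tallies come out at 158 public-key operations for the per-message path against 2 for the key-establishment path, with the remaining per-message work being HMAC. The trade-off is amortisation: the exchange only pays off once the established key covers enough messages, so it helps a 79-message AXFR far more than a client that sends one small query per key establishment.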