On Mon, Jul 30, 2018 at 03:44:11PM -0700, Paul Hoffman wrote:
> I am still mystified about the scenario in which a malicious zone 
> operator creates two zone files with the same ZONEMD hash, one with the 
> right set of addresses for unsigned child zones, and a different one 
> with one or more of those child zones with wrong addresses plus enough 
> other kruft to make the colliding hashes match. In what world is that 
> attack more likely than just not using ZONEMD?

I don't think the imagined attack involves a zone operator creating two
zones. It would be a zone operator creating one zone, with a legitimate
and validly signed ZONEMD, and then someone else creating a fake version
of the zone in which all the signed rrsets still validate, and the ZONEMD
still matches, but the unsigned parts have been mucked with. Adding an RR
count does make that attack more expensive. I'm not sure it makes enough
difference to be worthwhile.

Another imagined attack is someone trying to dump terabytes on you when
you initiate the zone transfer. An RR count could help with that, if you
looked it up before starting the transfer.

(For the record, I neither favor nor oppose the idea. I don't see much
benefit, but I also don't see much cost.)

-- 
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
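Added illustration of the two checks discussed above (not code from the thread, ISC, or any ZONEMD implementation): a consumer that learns the digest and an RR count before the transfer, aborts the transfer as soon as the count is exceeded, and then compares the digest in constant time. The RR count field, the sample zone, the `publish`/`verify_zone` helpers and the hostile `endless_transfer` generator are all assumptions made for this example; the digest is computed over sorted presentation-form text rather than the canonical wire format a real zone digest uses, so it shows the verification logic, not an interoperable format.

```python
import hashlib
import hmac
from typing import Iterable, Iterator, List, Tuple

# Simplified RR: (owner, ttl, type, rdata) in presentation form. A real zone
# digest hashes canonical wire format; this models only the checking logic.
RR = Tuple[str, int, str, str]

# Constructed sample zone. The last record is unsigned glue for a delegation,
# the kind of data an attacker could alter in a fake copy of the zone.
GOOD_ZONE: List[RR] = [
    ("example.", 3600, "SOA", "ns1.example. hostmaster.example. 1 7200 3600 1209600 3600"),
    ("example.", 3600, "NS", "ns1.example."),
    ("example.", 3600, "NS", "ns2.example."),
    ("ns1.example.", 3600, "A", "192.0.2.1"),
    ("ns2.example.", 3600, "A", "192.0.2.2"),
    ("child.example.", 3600, "NS", "ns.child.example."),
    ("ns.child.example.", 3600, "A", "192.0.2.53"),
]


class TransferTooLarge(Exception):
    """Transfer delivered more RRs than the published count."""


def canonical_digest(rrs: Iterable[RR]) -> str:
    """SHA-384 over all RRs in canonical (sorted) order, skipping the apex
    ZONEMD RR so the digest can live inside the zone it covers."""
    h = hashlib.sha384()
    for owner, ttl, rtype, rdata in sorted(rrs, key=lambda r: (r[0].lower(), r[2], r[3])):
        if rtype == "ZONEMD":
            continue
        h.update(f"{owner.lower()} {ttl} {rtype} {rdata}\n".encode())
    return h.hexdigest()


def publish(zone: List[RR]) -> Tuple[List[RR], str, int]:
    """Zone operator side: compute the digest, add a ZONEMD RR at the apex and
    return (zone, digest, rr_count). The RR count is the hypothetical extra
    field from the thread, not part of any published ZONEMD format."""
    digest = canonical_digest(zone)
    apex = zone[0][0]
    full = zone + [(apex, 3600, "ZONEMD", f"1 1 1 {digest}")]
    return full, digest, len(full)


def receive_transfer(stream: Iterator[RR], expected_count: int) -> List[RR]:
    """Consumer side: read the transfer, but stop as soon as it exceeds the
    count learned before the transfer began, instead of buffering everything
    only to have the digest check fail afterwards."""
    received: List[RR] = []
    for rr in stream:
        received.append(rr)
        if len(received) > expected_count:
            raise TransferTooLarge(f"more than {expected_count} RRs received")
    return received


def verify_zone(stream: Iterator[RR], expected_digest: str, expected_count: int) -> bool:
    """True only if the transfer has exactly the expected RR count and its
    digest matches (compared in constant time)."""
    try:
        rrs = receive_transfer(stream, expected_count)
    except TransferTooLarge:
        return False
    if len(rrs) != expected_count:
        return False
    return hmac.compare_digest(canonical_digest(rrs), expected_digest)


def tampered_copy(zone: List[RR]) -> List[RR]:
    """Attacker side: same signed RRsets and same ZONEMD RR, but the unsigned
    glue for the child now points somewhere else."""
    return [
        ("ns.child.example.", 3600, "A", "198.51.100.66") if rr[0] == "ns.child.example." else rr
        for rr in zone
    ]


def endless_transfer(zone: List[RR]) -> Iterator[RR]:
    """Constructed hostile transfer: the real zone followed by junk forever."""
    yield from zone
    n = 0
    while True:
        n += 1
        yield (f"junk{n}.example.", 1, "TXT", "x")


def rrs_read_before_abort(zone: List[RR], expected_count: int) -> int:
    """How many RRs the consumer pulls from an endless transfer before giving up."""
    pulled = 0

    def counted() -> Iterator[RR]:
        nonlocal pulled
        for rr in endless_transfer(zone):
            pulled += 1
            yield rr

    try:
        receive_transfer(counted(), expected_count)
    except TransferTooLarge:
        pass
    return pulled


if __name__ == "__main__":
    full, digest, count = publish(GOOD_ZONE)
    print("genuine zone verifies:", verify_zone(iter(full), digest, count))
    print("tampered glue verifies:", verify_zone(iter(tampered_copy(full)), digest, count))
    print("RRs read from an endless transfer:", rrs_read_before_abort(full, count))
```

The count only bounds how much a consumer will read before bailing out (count plus one RR here); it does nothing against a fake zone that keeps the RR count exact, which is why the digest check still has to run over the whole transfer afterwards.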
