> On 28 Feb 2024, at 09:09, John Levine <jo...@taugh.com> wrote:
> 
> It appears that Mark Andrews  <ma...@isc.org> said:
>> The current “fixes” still leave validators more vulnerable to CPU exhaustion
>> attacks than eliminating colliding key tags in the signer does. This is a
>> protocol bug that leads to CPU exhaustion.  We, the IETF, have a duty to fix
>> this at the protocol level.
> 
> I'm having trouble understanding how this is fundamentally different
> from CNAME loops, or NS sets with silly numbers of NS or A records.
> 
> The kind of load is different but in each case the client needs to
> limit the amount of work it's willing to do. We can forbid it in the
> protocol but unless you have better contacts at the Protocol Police
> than I do, people will do it anyway.

If you forbid in the protocol the tools will be fixed to prevent it
occurring when signing and the validators don’t have to be prepared
to play trial and error when there are duplicate tags in a DNSKEY
RRset.

It’s trivially easy to create a DNSKEY RRset with duplicate key tags
that will validate.  It’s trivially easy to create RRSIGs with a key tag
that matches those duplicate key tags that don’t verify.  We know
that attackers regularly succeed in getting records to be looked up
without direct access to the resolver.  If you have an open resolver
it is even easier.  Colliding key tags are a force multiplier when
trying to DoS a validating resolver.

Mark

> R's,
> John
> 
> PS: Try looking up 1.2.3.4.contacts.abuse.net.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: ma...@isc.org
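
The mechanics Mark describes, as an added example that is not part of this thread or of any ISC code: the key-tag function is the real RFC 4034 Appendix B algorithm, and because it is only a folded 16-bit sum, an attacker who controls a zone can publish any number of DNSKEYs that share one tag and sign that RRset normally. The validator loop then has to try every key carrying the RRSIG's key tag. Signature creation and verification below are a labelled stand-in (HMAC-SHA256 keyed with the public-key bytes) so the script runs offline; the zone data, key bytes, tag value 12345 and the `budget` parameter are all constructed for illustration. A real validator does RSA or ECDSA verification per attempt, so the attempt counts understate the actual CPU asymmetry.

```python
"""Key-tag collisions as a validator work multiplier (added example, not from the thread)."""
import hashlib
import hmac
import struct

FLAGS_ZSK, PROTOCOL, ALG = 256, 3, 13   # DNSKEY flags/protocol/algorithm (13 = ECDSAP256SHA256)
KEY_LEN = 32                            # constructed key length; the tag math does not care
RRDATA = b"www.example. 3600 IN A 192.0.2.1"  # constructed RRset being validated


def _acc(rdata: bytes, start: int = 0) -> int:
    """Unfolded RFC 4034 Appendix B accumulator: even offsets weigh 256, odd offsets weigh 1."""
    return sum((b << 8) if (start + i) % 2 == 0 else b for i, b in enumerate(rdata))


def _fold(ac: int) -> int:
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def key_tag(rdata: bytes) -> int:
    """RFC 4034 Appendix B key tag over DNSKEY RDATA (flags, protocol, algorithm, key)."""
    return _fold(_acc(rdata))


def dnskey_rdata(pubkey: bytes) -> bytes:
    return struct.pack("!HBB", FLAGS_ZSK, PROTOCOL, ALG) + pubkey


def forge_colliding_key(target_tag: int, pubkey: bytes) -> bytes:
    """DNSKEY RDATA with key tag == target_tag, obtained by varying the last two key bytes.

    Two free bytes reach every tag value but at most one for a given prefix,
    since the tag is just a folded sum.  The zone owner can publish as many
    such keys as desired and sign the DNSKEY RRset, so the RRset validates.
    """
    head = dnskey_rdata(pubkey[:-2])
    base = _acc(head)
    for x in range(0x10000):
        tail = struct.pack("!H", x)
        if _fold(base + _acc(tail, len(head))) == target_tag:
            return head + tail
    raise ValueError("target tag unreachable with this prefix")


def toy_sign(pubkey: bytes, data: bytes) -> bytes:
    """Stand-in for a DNSSEC signature (constructed; NOT public-key crypto)."""
    return hmac.new(pubkey, data, hashlib.sha256).digest()


def toy_verify(pubkey: bytes, data: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(toy_sign(pubkey, data), sig)


def validate(dnskeys, rrsigs, data: bytes, budget=None):
    """Validator loop: for each RRSIG (key_tag, signature), try every DNSKEY whose tag
    matches.  Returns (verified, verification_attempts).  `budget` is a constructed
    per-query work cap of the kind John argues for; None means unlimited."""
    attempts = 0
    for tag, sig in rrsigs:
        for rdata in dnskeys:
            if key_tag(rdata) != tag:
                continue
            if budget is not None and attempts >= budget:
                return False, attempts
            attempts += 1
            if toy_verify(rdata[4:], data, sig):
                return True, attempts
    return False, attempts


def zone_keys(n: int, collide: bool):
    """n constructed DNSKEYs: all tagged 12345 if collide, else tags 12345 .. 12345+n-1."""
    return [forge_colliding_key(12345 + (0 if collide else i), bytes([0x40 + i]) * KEY_LEN)
            for i in range(n)]


def bogus_rrsigs(keys, n: int):
    """n RRSIGs whose key-tag field names a published key but which verify under none."""
    return [(key_tag(keys[i % len(keys)]), hashlib.sha256(b"bogus-%d" % i).digest())
            for i in range(n)]


def attempts_for(n_keys: int, n_sigs: int, collide: bool, budget=None):
    keys = zone_keys(n_keys, collide)
    return validate(keys, bogus_rrsigs(keys, n_sigs), RRDATA, budget)


if __name__ == "__main__":
    print("distinct tags :", attempts_for(8, 8, collide=False))            # (False, 8)
    print("colliding tags:", attempts_for(8, 8, collide=True))             # (False, 64)
    print("with budget 16:", attempts_for(8, 8, collide=True, budget=16))  # (False, 16)
```

With distinct tags, eight bad RRSIGs cost eight verification attempts; with one shared tag the same eight RRSIGs cost sixty-four, and the product grows with whatever key and signature counts the zone owner chooses to publish. A work budget in the validator bounds the damage, while forbidding duplicate tags at signing time removes the multiplier entirely, which is the distinction the two positions above turn on.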

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop