[Cryptography] Certificates and PKI
Viktor Dukhovni
cryptography at dukhovni.org
Mon Dec 29 09:51:49 EST 2014
On Mon, Dec 29, 2014 at 01:06:53PM +0000, Ben Laurie wrote:
> > * This still might not address denial of existence "spam".
>
> Not entirely sure what the issue is here? DNSSEC already has denial of
> existence using no more records than already exist in the zone. Not
> clear why CT has a problem here?
PowerDNS is often used in "narrow mode", where denial of existence
proofs are generated and signed on the fly, with non-existent
nodes evidenced not with NSEC3 RRs of actual nodes, but rather with
synthetic hashes that are the hash of the would-be node +/- 1.
And the closest encloser node's right neighbour is again a "+1"
hash.
Here's a live example with the actual domain replaced by "example.":
example. SOA ns1.example. email.example. 2014120803 10800 3600 604800 3600
394ukt9jn8uge3d86433hgogtm429bqc.example. NSEC3 1 0 1 BEEF 394UKT9JN8UGE3D86433HGOGTM429BQD A AAAA RRSIG
3te5k6ninjarg2rhegq886jo6kqlaurd.example. NSEC3 1 0 1 BEEF 3TE5K6NINJARG2RHEGQ886JO6KQLAURF
m9ktr713mv89v98bat896geo4it3stbd.example. NSEC3 1 0 1 BEEF M9KTR713MV89V98BAT896GEO4IT3STBF
From such a domain served by a DNSSEC hosting provider with many
client zones one can elicit an essentially unlimited number of
signed responses.
--
Viktor.
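As an added example (not code from the original post or from PowerDNS), the following Python implements the RFC 5155 NSEC3 hash, the narrow-mode construction the post describes (cover record H-1 to H+1, closest encloser H to H+1), and a gap check a resolver operator or log analyst could use to recognise such on-the-fly proofs. The salt BEEF and iteration count 1 come from the post's records; the query name "nosuch.example." is a constructed value.

```python
# Added example, not code from the original post or from PowerDNS.
# RFC 5155 NSEC3 hashing, the narrow-mode synthetic records described above
# (cover: H-1 -> H+1, closest encloser: H -> H+1), and a check that flags them.
import hashlib

ALPHABET = "0123456789abcdefghijklmnopqrstuv"   # base32hex digits
MASK160 = (1 << 160) - 1                          # SHA-1 output space

def owner_wire(name: str) -> bytes:
    """Canonical lowercase wire-format owner name (RFC 5155 section 5)."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def to_b32hex(n: int) -> str:
    """160-bit integer -> 32 base32hex digits (no padding needed)."""
    return "".join(ALPHABET[(n >> (5 * i)) & 31] for i in range(31, -1, -1))

def nsec3_hash(name: str, salt_hex: str, iterations: int) -> str:
    """H(x) = SHA-1(x || salt), then `iterations` further rounds over the digest."""
    salt = b"" if salt_hex == "-" else bytes.fromhex(salt_hex)
    digest = hashlib.sha1(owner_wire(name) + salt).digest()
    for _ in range(iterations):
        digest = hashlib.sha1(digest + salt).digest()
    return to_b32hex(int.from_bytes(digest, "big"))

def narrow_mode_cover(qname: str, salt_hex: str, iterations: int):
    """Synthetic NSEC3 (owner, next) a narrow-mode signer returns for a
    non-existent qname: the hash of the would-be node minus and plus one."""
    h = int(nsec3_hash(qname, salt_hex, iterations), 32)   # int() reads base32hex
    return to_b32hex((h - 1) & MASK160), to_b32hex((h + 1) & MASK160)

def nsec3_gap(owner_hash: str, next_hash: str) -> int:
    """Distance from owner to next hashed name, modulo 2^160."""
    return (int(next_hash, 32) - int(owner_hash, 32)) & MASK160

def looks_synthetic(owner_hash: str, next_hash: str) -> bool:
    """Real zones leave large, irregular gaps between hashed names; a gap of
    exactly 1 or 2 is the fingerprint of on-the-fly (narrow-mode) proofs."""
    return nsec3_gap(owner_hash, next_hash) in (1, 2)

# Records from the post (salt BEEF, 1 iteration); "nosuch.example." is constructed.
PAGE_RECORDS = [
    ("394ukt9jn8uge3d86433hgogtm429bqc", "394UKT9JN8UGE3D86433HGOGTM429BQD"),
    ("3te5k6ninjarg2rhegq886jo6kqlaurd", "3TE5K6NINJARG2RHEGQ886JO6KQLAURF"),
    ("m9ktr713mv89v98bat896geo4it3stbd", "M9KTR713MV89V98BAT896GEO4IT3STBF"),
]
```

Running `nsec3_gap` over the three records from the post yields gaps of 1, 2 and 2, i.e. the closest encloser's "+1" neighbour and two "+/- 1" covers.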