diff options
Diffstat (limited to 'contrib/bind9/doc/rfc/rfc3008.txt')
-rw-r--r-- | contrib/bind9/doc/rfc/rfc3008.txt | 395 |
1 files changed, 0 insertions, 395 deletions
diff --git a/contrib/bind9/doc/rfc/rfc3008.txt b/contrib/bind9/doc/rfc/rfc3008.txt deleted file mode 100644 index 08a4a8f..0000000 --- a/contrib/bind9/doc/rfc/rfc3008.txt +++ /dev/null @@ -1,395 +0,0 @@ - - - - - - -Network Working Group B. Wellington -Request for Comments: 3008 Nominum -Updates: 2535 November 2000 -Category: Standards Track - - - Domain Name System Security (DNSSEC) Signing Authority - -Status of this Memo - - This document specifies an Internet standards track protocol for the - Internet community, and requests discussion and suggestions for - improvements. Please refer to the current edition of the "Internet - Official Protocol Standards" (STD 1) for the standardization state - and status of this protocol. Distribution of this memo is unlimited. - -Copyright Notice - - Copyright (C) The Internet Society (2000). All Rights Reserved. - -Abstract - - This document proposes a revised model of Domain Name System Security - (DNSSEC) Signing Authority. The revised model is designed to clarify - earlier documents and add additional restrictions to simplify the - secure resolution process. Specifically, this affects the - authorization of keys to sign sets of records. - - The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", - "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this - document are to be interpreted as described in RFC 2119 [RFC2119]. - -1 - Introduction - - This document defines additional restrictions on DNSSEC signatures - (SIG) records relating to their authority to sign associated data. - The intent is to establish a standard policy followed by a secure - resolver; this policy can be augmented by local rules. This builds - upon [RFC2535], updating section 2.3.6 of that document. - - The most significant change is that in a secure zone, zone data is - required to be signed by the zone key. - - Familiarity with the DNS system [RFC1034, RFC1035] and the DNS - security extensions [RFC2535] is assumed. - - - - - - -Wellington Standards Track [Page 1] - -RFC 3008 DNSSEC Signing Authority November 2000 - - -2 - The SIG Record - - A SIG record is normally associated with an RRset, and "covers" (that - is, demonstrates the authenticity and integrity of) the RRset. This - is referred to as a "data SIG". Note that there can be multiple SIG - records covering an RRset, and the same validation process should be - repeated for each of them. Some data SIGs are considered "material", - that is, relevant to a DNSSEC capable resolver, and some are - "immaterial" or "extra-DNSSEC", as they are not relevant to DNSSEC - validation. Immaterial SIGs may have application defined roles. SIG - records may exist which are not bound to any RRset; these are also - considered immaterial. The validation process determines which SIGs - are material; once a SIG is shown to be immaterial, no other - validation is necessary. - - SIGs may also be used for transaction security. In this case, a SIG - record with a type covered field of 0 is attached to a message, and - is used to protect message integrity. This is referred to as a - SIG(0) [RFC2535, RFC2931]. - - The following sections define requirements for all of the fields of a - SIG record. These requirements MUST be met in order for a DNSSEC - capable resolver to process this signature. If any of these - requirements are not met, the SIG cannot be further processed. - Additionally, once a KEY has been identified as having generated this - SIG, there are requirements that it MUST meet. - -2.1 - Type Covered - - For a data SIG, the type covered MUST be the same as the type of data - in the associated RRset. For a SIG(0), the type covered MUST be 0. - -2.2 - Algorithm Number - - The algorithm specified in a SIG MUST be recognized by the client, - and it MUST be an algorithm that has a defined SIG rdata format. - -2.3 - Labels - - The labels count MUST be less than or equal to the number of labels - in the SIG owner name, as specified in [RFC2535, section 4.1.3]. - -2.4 - Original TTL - - The original TTL MUST be greater than or equal to the TTL of the SIG - record itself, since the TTL cannot be increased by intermediate - servers. This field can be ignored for SIG(0) records. - - - - -Wellington Standards Track [Page 2] - -RFC 3008 DNSSEC Signing Authority November 2000 - - -2.5 - Signature Expiration and Inception - - The current time at the time of validation MUST lie within the - validity period bounded by the inception and expiration times. - -2.6 - Key Tag - - There are no restrictions on the Key Tag field, although it is - possible that future algorithms will impose constraints. - -2.7 - Signer's Name - - The signer's name field of a data SIG MUST contain the name of the - zone to which the data and signature belong. The combination of - signer's name, key tag, and algorithm MUST identify a zone key if the - SIG is to be considered material. The only exception that the - signer's name field in a SIG KEY at a zone apex SHOULD contain the - parent zone's name, unless the KEY set is self-signed. This document - defines a standard policy for DNSSEC validation; local policy may - override the standard policy. - - There are no restrictions on the signer field of a SIG(0) record. - The combination of signer's name, key tag, and algorithm MUST - identify a key if this SIG(0) is to be processed. - -2.8 - Signature - - There are no restrictions on the signature field. The signature will - be verified at some point, but does not need to be examined prior to - verification unless a future algorithm imposes constraints. - -3 - The Signing KEY Record - - Once a signature has been examined and its fields validated (but - before the signature has been verified), the resolver attempts to - locate a KEY that matches the signer name, key tag, and algorithm - fields in the SIG. If one is not found, the SIG cannot be verified - and is considered immaterial. If KEYs are found, several fields of - the KEY record MUST have specific values if the SIG is to be - considered material and authorized. If there are multiple KEYs, the - following checks are performed on all of them, as there is no way to - determine which one generated the signature until the verification is - performed. - - - - - - - - -Wellington Standards Track [Page 3] - -RFC 3008 DNSSEC Signing Authority November 2000 - - -3.1 - Type Flags - - The signing KEY record MUST have a flags value of 00 or 01 - (authentication allowed, confidentiality optional) [RFC2535, 3.1.2]. - A DNSSEC resolver MUST only trust signatures generated by keys that - are permitted to authenticate data. - -3.2 - Name Flags - - The interpretation of this field is considerably different for data - SIGs and SIG(0) records. - -3.2.1 - Data SIG - - If the SIG record covers an RRset, the name type of the associated - KEY MUST be 01 (zone) [RFC2535, 3.1.2]. This updates RFC 2535, - section 2.3.6. The DNSSEC validation process performed by a resolver - MUST ignore all keys that are not zone keys unless local policy - dictates otherwise. - - The primary reason that RFC 2535 allows host and user keys to - generate material DNSSEC signatures is to allow dynamic update - without online zone keys; that is, avoid storing private keys in an - online server. The desire to avoid online signing keys cannot be - achieved, though, because they are necessary to sign NXT and SOA sets - [RFC3007]. These online zone keys can sign any incoming data. - Removing the goal of having no online keys removes the reason to - allow host and user keys to generate material signatures. - - Limiting material signatures to zone keys simplifies the validation - process. The length of the verification chain is bounded by the - name's label depth. The authority of a key is clearly defined; a - resolver does not need to make a potentially complicated decision to - determine whether a key has the proper authority to sign data. - - Finally, there is no additional flexibility granted by allowing - host/user key generated material signatures. As long as users and - hosts have the ability to authenticate update requests to the primary - zone server, signatures by zone keys are sufficient to protect the - integrity of the data to the world at large. - -3.2.2 - SIG(0) - - If the SIG record is a SIG(0) protecting a message, the name type of - the associated KEY SHOULD be 00 (user) or 10 (host/entity). - Transactions are initiated by a host or user, not a zone, so zone - keys SHOULD not generate SIG(0) records. - - - - -Wellington Standards Track [Page 4] - -RFC 3008 DNSSEC Signing Authority November 2000 - - - A client is either explicitly executed by a user or on behalf of a - host, therefore the name type of a SIG(0) generated by a client - SHOULD be either user or host. A nameserver is associated with a - host, and its use of SIG(0) is not associated with a particular zone, - so the name type of a SIG(0) generated by a nameserver SHOULD be - host. - -3.3 - Signatory Flags - - This document does not assign any values to the signatory field, nor - require any values to be present. - -3.4 - Protocol - - The signing KEY record MUST have a protocol value of 3 (DNSSEC) or - 255 (ALL). If a key is not specified for use with DNSSEC, a DNSSEC - resolver MUST NOT trust any signature that it generates. - -3.5 - Algorithm Number - - The algorithm field MUST be identical to that of the generated SIG - record, and MUST meet all requirements for an algorithm value in a - SIG record. - -4 - Security Considerations - - This document defines a standard baseline for a DNSSEC capable - resolver. This is necessary for a thorough security analysis of - DNSSEC, if one is to be done. - - Specifically, this document places additional restrictions on SIG - records that a resolver must validate before the signature can be - considered worthy of DNSSEC trust. This simplifies the protocol, - making it more robust and able to withstand scrutiny by the security - community. - -5 - Acknowledgements - - The author would like to thank the following people for review and - informative comments (in alphabetical order): - - Olafur Gudmundsson - Ed Lewis - - - - - - - - -Wellington Standards Track [Page 5] - -RFC 3008 DNSSEC Signing Authority November 2000 - - -6 - References - - [RFC1034] Mockapetris, P., "Domain Names - Concepts and Facilities", - STD 13, RFC 1034, November 1987. - - [RFC1035] Mockapetris, P., "Domain Names - Implementation and - Specification", STD 13, RFC 1035, November 1987. - - [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate - Requirement Levels", BCP 14, RFC 2119, March 1997. - - [RFC2136] Vixie (Ed.), P., Thomson, S., Rekhter, Y. and J. Bound, - "Dynamic Updates in the Domain Name System", RFC 2136, - April 1997. - - [RFC2535] Eastlake, D., "Domain Name System Security Extensions", - RFC 2535, March 1999. - - [RFC2931] Eastlake, D., "DNS Request and Transaction Signatures - (SIG(0)s )", RFC 2931, September 2000. - - [RFC3007] Wellington, B., "Simple Secure Domain Name System - (DNS) Dynamic Update", RFC 3007, November 2000. - -7 - Author's Address - - Brian Wellington - Nominum, Inc. - 950 Charter Street - Redwood City, CA 94063 - - Phone: +1 650 381 6022 - EMail: Brian.Wellington@nominum.com - - - - - - - - - - - - - - - - - - -Wellington Standards Track [Page 6] - -RFC 3008 DNSSEC Signing Authority November 2000 - - -8 Full Copyright Statement - - Copyright (C) The Internet Society (2000). All Rights Reserved. - - This document and translations of it may be copied and furnished to - others, and derivative works that comment on or otherwise explain it - or assist in its implementation may be prepared, copied, published - and distributed, in whole or in part, without restriction of any - kind, provided that the above copyright notice and this paragraph are - included on all such copies and derivative works. However, this - document itself may not be modified in any way, such as by removing - the copyright notice or references to the Internet Society or other - Internet organizations, except as needed for the purpose of - developing Internet standards in which case the procedures for - copyrights defined in the Internet Standards process must be - followed, or as required to translate it into languages other than - English. - - The limited permissions granted above are perpetual and will not be - revoked by the Internet Society or its successors or assigns. - - This document and the information contained herein is provided on an - "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING - TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING - BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION - HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF - MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - -Acknowledgement - - Funding for the RFC Editor function is currently provided by the - Internet Society. - - - - - - - - - - - - - - - - - - - -Wellington Standards Track [Page 7] - |