headers
Francisco Arias | 17 May 2013 01:29
Picon
Favicon

gtld-tech mailing list

Colleagues,

This is to let you know that we are launching a public, open mailing list
for technical discussions regarding gTLD registries and registrars. The
intention is to provide a forum for discussion of issues that may appear
during ongoing operation and particularly with the upcoming launch of new
gTLDs.

You can subscribe to the list at:

https://mm.icann.org/mailman/listinfo/gtld-tech

Regards,

--

-- 
Francisco Arias
ICANN technical staff

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 0 comments |
headers
johnsonhammond2 | 27 Apr 2013 19:05
Favicon

Biggest Fake Conference in Computer Science

Biggest Fake Conference in Computer Science

We are researchers from different parts of the world and conducted a study on  
the world’s biggest bogus computer science conference WORLDCOMP 
( http://sites.google.com/site/worlddump1 ) organized by Prof. Hamid Arabnia 
from University of Georgia, USA.

We submitted a fake paper to WORLDCOMP 2011 and again (the same paper 
with a modified title) to WORLDCOMP 2012. This paper had numerous 
fundamental mistakes. Sample statements from that paper include: 

(1). Binary logic is fuzzy logic and vice versa
(2). Pascal developed fuzzy logic
(3). Object oriented languages do not exhibit any polymorphism or inheritance
(4). TCP and IP are synonyms and are part of OSI model 
(5). Distributed systems deal with only one computer
(6). Laptop is an example for a super computer
(7). Operating system is an example for computer hardware

Also, our paper did not express any conceptual meaning.  However, it 
was accepted both the times without any modifications (and without 
any reviews) and we were invited to submit the final paper and a 
payment of $500+ fee to present the paper. We decided to use the 
fee for better purposes than making Prof. Hamid Arabnia (Chairman 
of WORLDCOMP) rich. After that, we received few reminders from 
WORLDCOMP to pay the fee but we never responded. 

We MUST say that you should look at the above website if you have any thoughts 
to submit a paper to WORLDCOMP.  DBLP and other indexing agencies have stopped 
indexing WORLDCOMP’s proceedings since 2011 due to its fakeness. See
(Continue reading)

Permalink | Reply | 0 comments |
headers
Mark Andrews | 26 Apr 2013 07:50

Re: Thoughts on CDS


In message <d1b81df4-99d1-4e1f-9654-e73a90d196a1 <at> email.android.com>, P Vixie wr
ites:
> 
> Note that this is rendezvous information for the management plane and has no 
> protocol significance. A distinct name in the child like _cds._dnssec. <at>  could
>  hold a DS record without confusion.

Which doesn't work if you have a DNAME at the zone apex.

> Similarly, the current DS RR should really have been placed at _ds.child labe
> l._dnssec.parentdomain to keep it unambiguously in the parent zone and away f
> rom the delegation name.
> 
> Is to late for the latter but not for the former.
> 
> Let's not burn a type code just to keep CDS separate.

If there is going to be zone scraping then the record must be at
the zone apex.

Mark
--

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka <at> isc.org
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
(Continue reading)

Permalink | Reply | 1 comment |
headers
Joe Abley | 25 Apr 2013 21:19
Picon

Re: Thoughts on CDS


On 2013-04-25, at 14:14, P Vixie <paul <at> redbarn.org> wrote:

> Let's not burn a type code just to keep CDS separate.

Note that the type code for CDS has already been assigned, see:

http://www.iana.org/assignments/dns-parameters/dns-parameters.xml

(it's 59)

Joe
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 0 comments |
headers
Wes Hardaker | 24 Apr 2013 15:18
Picon

DS transfer requirements


Ed pointed me to a message he wrote [1] and some of the text there
triggered my "oh yeah; we need to start with the requirements" bell.  I
think part of the problem has been we don't have a good list of
requirements to compare any given solution to and we're talking around
them all because they're not written down (at least in one place).  So,
stealing bullets from Ed's text and adding some, what are in these lists
that shouldn't be, or is in the wrong place and what is missing
entirely?  There are some I surely suspect people disagree about their
location in the list.  This is very much a working-document list.

* MUST be able tos

  + Let the child be able to signal a desire to:
    - add a DS record for a key that is not yet published.
    - delete a DS record for a key that has never been published.
    - add a DS recrord for a key that is in use.
    - delete a DS record for a key that is in use.
    - add DS records for hashes not previously supported.
    - add DS records for hashes I am moving away from.

  + Allow the insertion/deletion action to be done by the parental agent
    when the child and parent both agree that one of these will trigger
    a "go" indication:
    - A child operator indicates "go" via a secondary mechanism (e.g., http)
    - Immediately after successful data verification within the transfer
      mechanism 

  + Not change existing DNSSEC validation steps (see [2] below)
(Continue reading)

Permalink | Reply | 5 comments |
headers
Anne-Marie Eklund-Löwinder | 20 Apr 2013 07:40
Picon

Ang.: RISKS and mitigations for draft-jabley-dnssec-trust-anchor

As you may read from our comments, we used to publish our key in a wide spread computer magazine. To get it machine readable, maybe we finally will get use of the qr code that everyone hates so much! /Anne-Marie

Skickat från min HTC


----- Reply message -----
Från: "Steve Crocker" <steve <at> shinkuro.com>
Till: "Tony Finch" <dot <at> dotat.at>
Kopia: "joe.abley <at> icann.org" <joe.abley <at> icann.org>, "gubailey <at> microsoft.com" <gubailey <at> microsoft.com>, "dnsop <at> ietf.org" <dnsop <at> ietf.org>, "Jakob Schlyter" <jakob <at> kirei.se>, "dnssec-deployment <at> dnssec-deployment.org" <dnssec-deployment <at> dnssec-deployment.org>, "Steve Crocker" <steve <at> shinkuro.com>
Rubrik: [DNSOP] RISKS and mitigations for draft-jabley-dnssec-trust-anchor
Datum: fre, apr 19, 2013 23:54



Tony,

Nice post.  This reminds me of some thinking along these lines I did several years ago, which was based on the analogy of how stock market prices are published.  (Things have shifted quite a bit with the availability of real-time feeds on the Internet, so give me some latitude here.)

In the "old days" most people would get closing stock market prices from their newspaper.  Newspapers were not primary authorities, of course, but they were trusted publishers.  Each person could choose which paper to read, and if a particular paper were to screw up the publication of the stock market page, readers would have quickly switched to another publisher.

The application of that scheme to the present issue is to allow multiple "publishers" sign and promulgate the root key.  For automated operation it's best if they all use the same publication format.  Each user could then choose any of the available publishers.  If a publisher were to publish the wrong information, it be evident very quickly and the consequences would be relatively painful.

If someone is paranoid about the possibility of being spoofed, he can compare the results from multiple publishers and/or rotate among the many publishers.  But there's no need for the publishers to coordinate among themselves, except for the standard format, and there's no need for a formal quorum of witnesses.  (I guess if someone wanted to advocate a best practice of using a quorum of witnesses, that's ok with me, but I view that as an added layer, not necessarily required.)

Steve



On Apr 19, 2013, at 4:41 PM, Tony Finch <dot <at> dotat.at> wrote:

> This is a followup to my comments on ICANN's root zone KSK rollover
> consultation. In the last section, responding to question 7 about "other
> considerations", I made a number of suggestions for improvements to the
> trust anchor publication mechanism.
> http://forum.icann.org/lists/comments-root-zone-consultation-08mar13/msg00013.html
>
> The most important is the last paragraph:
>
> : I understand that ICANN would like to include third party signatures on
> : the root trust anchor publication web site. This would be a very good
> : thing, since it would allow out-of-band update software to require a
> : quorum of valid signatures instead of just one. This improves
> : security, since compromise of a single key does not compromise the
> : whole process. It improves robustness, since signing keys will be able
> : to change without breaking existing software that uses those keys for
> : validation, so long as a quorum of old-enough keys remain in use.
>
> Basically I want a machine-verifiable version of this:
> http://dns.icann.org/ksk/ds19036/
>
> The risk is that the key used to sign the KSK, and the CA used to
> authenticate the key, are both single points of failure. There is no
> single point of failure in the quorum-of-witnesses scheme. The keys can
> all be simply self-signed since individual keys are only slightly trusted;
> the trust comes from agreement between several independent signatures.
>
> Here are some more suggestions.
>
> Related to the previous risk, there are some operational and
> organizational single points of failure in the publication web site - for
> instance it is vulnerable to DNS and BGP screwups. This can be mitigated
> using a system of mirror sites.
>
> A more serious risk: the current publication scheme is vulnerable to
> replay attacks. If the KSK is compromised, an attacker might be able to
> force a victim to download and trust an old version of the trust anchor
> publication document. To mitigate this the trust anchor document (or its
> signatures) should have an explicit lifetime. Validators should refresh
> their copy of the trust anchor document before it expires. They should
> remember the most recent version they have seen and refuse to downgrade to
> an old version. They should probably also keep track of which DNSKEYs have
> been retired and refuse to trust them forever more.
>
> There is perhaps an opportunity to improve on RFC 5011, in particular to
> reduce the time to recover from a compromised KSK without pre-publishing
> standby keys. If a validator sees a change in the set of KSKs, it fetches
> and verifies the trust anchor document in order to authenticate the
> change. This can lead to the validator immediately trusting the new KSK
> and distrusting the old one. A rollover should take effect globally in
> roughly the TTL of the DNSKEY RRset - two days for the root at the moment.
>
> The old KSK has to remain actively used for signing the DNSKEY RRset
> during the rollover for a couple of reasons: first, you seriously do not
> want an attacker to be able to use a bogus DNSKEY RRset to force a
> validator to attempt a trust anchor update; second, it's desirable to let
> the validator continue using its existing trust anchor during the update
> process since that will be relatively slow.
>
> I think it makes sense to distinguish between a trust anchor refresh /
> update, which occurs during continuous operation of the validator, and
> which is only triggered by the age of the trust anchor document or by a
> validated change in the DNSKEY KSKs; and trust anchor bootstrap, which
> occurs when the validator has been offline long enough that its existing
> trust anchors do not work. In normal operation, failure to validate the
> root should be treated as an attack or a severely broken local network,
> and the right reaction is not to attempt an update. Bootstrapping is
> relatively risky and should only occur when the system is started or wakes
> up after a long sleep.
>
> Tony.
> --
> f.anthony.n.finch  <dot <at> dotat.at>  http://dotat.at/
> Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
> Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
> occasionally poor at first.
> _______________________________________________
> DNSOP mailing list
> DNSOP <at> ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 0 comments |
headers
Tony Finch | 19 Apr 2013 22:41
Picon
Favicon

RISKS and mitigations for draft-jabley-dnssec-trust-anchor

This is a followup to my comments on ICANN's root zone KSK rollover
consultation. In the last section, responding to question 7 about "other
considerations", I made a number of suggestions for improvements to the
trust anchor publication mechanism.
http://forum.icann.org/lists/comments-root-zone-consultation-08mar13/msg00013.html

The most important is the last paragraph:

: I understand that ICANN would like to include third party signatures on
: the root trust anchor publication web site. This would be a very good
: thing, since it would allow out-of-band update software to require a
: quorum of valid signatures instead of just one. This improves
: security, since compromise of a single key does not compromise the
: whole process. It improves robustness, since signing keys will be able
: to change without breaking existing software that uses those keys for
: validation, so long as a quorum of old-enough keys remain in use.

Basically I want a machine-verifiable version of this:
http://dns.icann.org/ksk/ds19036/

The risk is that the key used to sign the KSK, and the CA used to
authenticate the key, are both single points of failure. There is no
single point of failure in the quorum-of-witnesses scheme. The keys can
all be simply self-signed since individual keys are only slightly trusted;
the trust comes from agreement between several independent signatures.

Here are some more suggestions.

Related to the previous risk, there are some operational and
organizational single points of failure in the publication web site - for
instance it is vulnerable to DNS and BGP screwups. This can be mitigated
using a system of mirror sites.

A more serious risk: the current publication scheme is vulnerable to
replay attacks. If the KSK is compromised, an attacker might be able to
force a victim to download and trust an old version of the trust anchor
publication document. To mitigate this the trust anchor document (or its
signatures) should have an explicit lifetime. Validators should refresh
their copy of the trust anchor document before it expires. They should
remember the most recent version they have seen and refuse to downgrade to
an old version. They should probably also keep track of which DNSKEYs have
been retired and refuse to trust them forever more.

There is perhaps an opportunity to improve on RFC 5011, in particular to
reduce the time to recover from a compromised KSK without pre-publishing
standby keys. If a validator sees a change in the set of KSKs, it fetches
and verifies the trust anchor document in order to authenticate the
change. This can lead to the validator immediately trusting the new KSK
and distrusting the old one. A rollover should take effect globally in
roughly the TTL of the DNSKEY RRset - two days for the root at the moment.

The old KSK has to remain actively used for signing the DNSKEY RRset
during the rollover for a couple of reasons: first, you seriously do not
want an attacker to be able to use a bogus DNSKEY RRset to force a
validator to attempt a trust anchor update; second, it's desirable to let
the validator continue using its existing trust anchor during the update
process since that will be relatively slow.

I think it makes sense to distinguish between a trust anchor refresh /
update, which occurs during continuous operation of the validator, and
which is only triggered by the age of the trust anchor document or by a
validated change in the DNSKEY KSKs; and trust anchor bootstrap, which
occurs when the validator has been offline long enough that its existing
trust anchors do not work. In normal operation, failure to validate the
root should be treated as an attack or a severely broken local network,
and the right reaction is not to attempt an update. Bootstrapping is
relatively risky and should only occur when the system is started or wakes
up after a long sleep.

Tony.
--

-- 
f.anthony.n.finch  <dot <at> dotat.at>  http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 6 comments |
headers
Edward Lewis | 18 Apr 2013 19:27
Favicon

Thoughts on CDS

I was thinking a bit about the CDS draft, not specifically it, but the problem it is addressing.

This message was spurred by a comment that "in a key emergency where the private key is exposed" the only way to go forward is to completely stop DNSSEC and then do a re-start from state "0."  The rationale for that was, if I had your private key I could sign the DNSKEY set, add keys at will and generate signatures into the future.  Thus "forward security" would always be suspect.

I don't entirely agree with that.  After thinking some, the reason is that any new key in the DNS is, yes, signed by the old key, but also relies on the presence of a "sympathenic" DS record at the parent.  This represents a "two factor" approach to authenticating the new key - signed by the current zone administrator and also registered with the parent through some other security barrier.

For example, the new key is signed by an old key over the DNSKEY set.  And, assuming EPP, then the key has to come through the registration system's security too.  Yes, you can game either and maybe even both injection paths, but to be effective you have to game both.  Simply put, with just basic security hygiene, it's much harder to game both than to game either one.

From this, one of the important ideas is "two factor" authentication.  "Three factor" might be even more beneficial, but let's shoot for two first.

I think of the CDS proposal as having two components.  One is a means to marshall the information from child to parent.  The other is the way in which the data is transferred and handled.  In concept I wholeheartedly support the former component.  It's the latter component that gives me angina.  (I.e., heart burn, but I was trying to avoid using heart twice in the same sentence in those ways.)

The marshaling is very beneficial, it's much better than the current state of the art of cut-n-paste when the operator of the DNS is not the editor of the registry's contents.  Even if the registry wants DNSKEY records, having an indication of the DS desire allows the registry to get the DNSKEY unless the desire is for an un-published DNSKEY's DS record.  (Which does happen.)  IMHO, I don't support adding DS records based on DNSKEY - I say this not to mean I believe it is wrong but I say it to mean that someone that believes this has to come up with someway to get the un-published DNSKEY from the child to parent to accommodate this OR declare it operationally forbidden (which is also acceptable).

But when it comes to the "how" the data is transferred I have a lot of problems.

First, the draft says that the CDS has to be signed by the KSK and not a ZSK.  This is a problem to me because it's the first time an RRSIG over data is restricted to one kind of key or another.  To me that's a precedent setter, and as such needs scrutiny.  I understand that the requirement is because the KSK manager and the ZSK manager could be different (and are so for the root zone), but this is a change to the protocol in a way that hasn't been explored.  I think that there's something to be learned from the two factor observation though.

The most visible key management function where this plays a role is the root.  But, it doesn't play a role because the root has no parent and thus no need to marshall the key.  (In reality, the keys are marshaled via other means, out of band and play a role in the ICANN KSK ceremonies that happen 4 times a year.)

In any other situation, the CDS ought to just be the marshaling and the RRSIG over it just authenticating that the record got from the child to the parent with integrity.  The "out of band" environment that gets the parent to insert the DS has got to kick in to provide the second factor.

Switching to another environment, the usual case of a registrant in an ICANN-SRM-style zone (shared registry model) using EPP and registrars, this can play out using the following (I switch here because I believe it is a model fot the split KSK ZSK key management system - if they exist other than the root).  The new KSK is made and a CDS set is generated, signed, and published in the zone (omitting details on what is in the CDS for now).  The key management function then alerts the registrar that there's a new DS needed.  Today this is cut and paste and some say that registrars want customers to log in, see ads and then make the request.  True or not, this doesn't have to change, just instead of cut and paste, there's a notification button to click.  No polling, no looking, no pro-activeness needed by registrar.  The second factor here is logging into the registrar portal.

For registries that are willing or want to poll their registrants for CDS records, I'd caution that they might not be doing anyone a favor.  If the KSK was exposed, then a forged CDS might pass as real and the registrant can loose control of the zone - because only one factor was involved and the one factor was gamed.

I'll end this here.  I know that CDS isn't at the foremost of minds now.  There's no sense in a new draft to "compete" and we no longer have higher bandwidth workshops to go over these ideas.  So maybe this will get some others thinking, and whether there's merit to "two factor" approaches to key changes.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis             
NeuStar                    You can leave a voice message at +1-571-434-5468

There are no answers - just tradeoffs, decisions, and responses.
 

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 67 comments |
headers
Joe Abley | 3 Apr 2013 16:11
Picon

public consultation on root zone KSK rollover

Hi all,

As advised a month or so ago, the following public comment period is open:

  http://www.icann.org/en/news/public-comment/root-zone-consultation-08mar13-en.htm

We have received a small number of responses which are accessible from that page.

The topic at hand and the specific questions that have been asked as part of the consultation are important
ones; the decisions taken will have operational consequences to any user of the Internet who validates
DNS responses with DNSSEC.

If you have experience, opinions or expertise to contribute, it would be greatly appreciated. The window
for being able to submit comments closes on 12 April 2013 at 23:59 UTC.

Many thanks,

Joe

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 32 comments |
headers
Joe Abley | 25 Mar 2013 20:40
Picon

Fwd: New Version Notification for draft-jabley-dnsop-anycast-mapping-00.txt

Hi all,

I wrote up the below-referenced draft to document some measurement aspects of L-Root.

Since this is a description of an operational service, and not a request for review of how we do things at
ICANN, I don't think it makes sense for it to be a working group document and I'm not requesting adoption.

However, I am of course interested in accuracy and clarity in the text. If you have a few spare minutes and
don't mind giving me a review, I'd appreciate it.

(apologies if you get some form of this e-mail in multiple places due to overlapping list subscriptions)

Thanks,

Joe

Begin forwarded message:

> From: "internet-drafts <at> ietf.org" <internet-drafts <at> ietf.org>
> Subject: New Version Notification for draft-jabley-dnsop-anycast-mapping-00.txt
> Date: 25 March 2013 15:29:43 EDT
> To: Joe Abley <joe.abley <at> icann.org>
> 
> 
> A new version of I-D, draft-jabley-dnsop-anycast-mapping-00.txt
> has been successfully submitted by Joe Abley and posted to the
> IETF repository.
> 
> Filename:	 draft-jabley-dnsop-anycast-mapping
> Revision:	 00
> Title:		 A Summary of Various Mechanisms Deployed at L-Root for the Identification of Anycast Nodes
> Creation date:	 2013-03-25
> Group:		 Individual Submission
> Number of pages: 16
> URL:             http://www.ietf.org/internet-drafts/draft-jabley-dnsop-anycast-mapping-00.txt
> Status:          http://datatracker.ietf.org/doc/draft-jabley-dnsop-anycast-mapping
> Htmlized:        http://tools.ietf.org/html/draft-jabley-dnsop-anycast-mapping-00
> 
> 
> Abstract:
>   Anycast is a deployment technique commonly employed for
>   authoritative-only servers in the Domain Name System (DNS).  L-Root,
>   one of the thirteen root servers, is deployed in this fashion.
> 
>   Various techniques have been used to map deployed anycast
>   infrastructure externally, i.e. without reference to inside knowledge
>   about where and how such infrastructure has been deployed.
>   Motivations for performing such measurement exercises include
>   operational troubleshooting and infrastructure risk assessment.  In
>   the specific case of L-Root, the ability to measure and map anycast
>   infrastructure using the techniques mentioned in this document is
>   provided for reasons of operational transparency.
> 
>   This document describes all facilities deployed at L-Root to
>   facilitate mapping of its infrastructure and serves as documentation
>   for L-Root as a measurable service.
> 
> 
> 
> 
> The IETF Secretariat
> 

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 2 comments |
headers
joel jaeggli | 25 Mar 2013 17:24

please welcome the new co-chair Tim Wicinski

Folks,

First off let me thank you for the enthusiasm displayed by the 
participants on this list, we had over a dzoen volunteers to fill the 
slot vacated by Stephen. I've elected at this time to invite Tim to 
share the dutires with Peter.

I greatly appreciate all the advice I recived on what we should be doing 
in/with DNSOP.

joel

_______________________________________________
DNSOP mailing list
DNSOP <at> ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Permalink | Reply | 0 comments |

Gmane