[rssac-caucus] Second round review on "Technical Analysis of the Naming Scheme Used For Individual Root Servers"

Terry Manderson terry at terrym.net
Thu May 4 18:24:15 UTC 2017 

Hi Paul and Caucus,

A side bar discussion elsewhere came around to this document, and it highlighted something I hadn't considered.

I would like to suggest some changes:

Terminology

Node re-delegation attack – These attacks, which were described almost a decade ago, potentially allow an attacker to poison the cache of a recursive resolver much more quickly than the well-known “Kaminsky attack”. Node re-delegation attacks hypothetically affect the resolution of all zones in resolvers that do not validate, and all unsigned zones in validating resolvers. [1]

[1] https://www.sec-consult.com/fxdata/seccons/prod/downloads/whitepaper-dns-node-redelegation.pdf


** my rationale, 1. after reading the cited document I find it difficult to seperate it's method and the kaminsky attack. This is precisely why I would like to see the citation. 2. since this is the topic of one of the recommendations I feel the current wording (terminology) is a confirmation of the attack, even before ascertaining its validity.

So therefore I propose the recommendation text:

Further study is required to understand if the current infrastructure is susceptible to various cache poisoning attack-scenarios including the cited node re-delegation attack and, if so, what the effects of such attacks might be. Understanding these risks is necessary to assess the risk of changing the current root naming infrastructure. Any study conducted in this area should also be accompanied with proof-of-concept code so that it can be observed and further studied by the RSSAC Caucus and other researchers. 

Cheers
Terry

> On 27 Apr 2017, at 11:22 AM, Terry Manderson <terry at terrym.net> wrote:
> 
> Paul and the RSN Work Party,
> 
> Thank you for this latest version. I have read it and I am very pleased with the tone of the document and the reserved recommendations. The scope of work was certainly a substantial ask, and with investigation it seems entirely premature to make any recommendations of change based on what we know today. 
> 
> I especially like recommendation 7.2. It is finally the shift (IMHO) that is required here in terms of gaining a deeper understanding of resolver behaviours such that should RSSAC at some future point make recommendations for the Root Server System, those changes are well grounded and cognisant of the true technical impact(s) on resolvers.
> 
> Well done.
> 
> Terry
> 
> 
>> On 27 Apr 2017, at 9:32 AM, Paul Hoffman <paul.hoffman at icann.org> wrote:
>> 
>> Greetings. The Work Party has made some significant changes to the document at the request of a few folks from RSSAC. The new edition is at:
>>  https://docs.google.com/document/d/17eGSbMMo6GbyG8gE4l1uK1LW8Q1iCIouN4PATcVcRr8/edit
>> 
>> The major changes from the last version that Caucus saw are are:
>> - Tightening of the introduction, talking only about what the RSSAC asked the Caucus to look at
>> - Huge changes to the recommendations in Section 7, aiming more on the need for future work
>> - More focused tables in Appendix A
>> 
>> Please check all of these carefully and make tracked changes or comments in the document, plus let the list know. We would like this finished in about ten days, by May 5.
>> 
>> --Paul Hoffman
>> 
>> _______________________________________________
>> rssac-caucus mailing list
>> rssac-caucus at icann.org
>> https://mm.icann.org/mailman/listinfo/rssac-caucus
>

More information about the rssac-caucus mailing list