Remote Session - 17 June 2020

WG co-Chairs: João Damas, Shane Kerr, David Knight

Date: 17 June 2020, 15:00 – 16:30



Scribe: Boris Duval
Status: Draft

1. The NXNS Attack Vulnerability
Ralph Dolmans, NLnetLabs, and Lior Shafir, Tel Aviv University

Concerning patching unbound, João Damas asked Ralph if users would be able to set the target-fetch-policy themselves.

Ralph Dolmans confirmed that this will be available as a configuration option.

João asked Lior Shafir if he could summarise the differences between the iDNS and the NXNS attacks.

Lior replied that there are some similarities between the core features of the attacks as they both exploit the way recursive resolvers operate when they receive glueless name servers.

He explained that the main difference was that the iDNS attack had a maximal amplification factor of 10.

Ralf Weber mentioned that Akamai/Nominum Cacheserve and Akamai/Xerocole AnswerX were not affected by the NXNS attack as they had limits in the software for this issue in the Cacheserve case. Ralf added that he would appreciate if this was mentioned in the study as he got customers questions about these issues.

Steve Crocker asked if someone could put together a memo for researchers suggesting who to contact when they discover a flaw. He added that it should also discuss whether the researcher should manage the disclosure process or whether it should be someone else. 

Ralph Dolmans agreed with Steve’s proposal. However, he mentioned that it was complicated to decide who should lead this process and asked the community for their input and suggestions.  

There were no further questions.

2. The Impact of Post Quantum Cryptography on DNSSEC
Moritz Müller, SIDN, and Jins de Jong, University of Münster

Shane Kerr asked if the presenters thought that the current DNSSEC model would still be compatible with post-quantum cryptography. 

Moritz Müller answered that he believed that it was possible if they found the right algorithms.

Steve Crocker commented that increasing ttl will reduce the load on the validator but won’t reduce the latency (i.e. the delay in validating).

Jins de Jong agreed with Steve’s comment.

Shane asked the presenters if they were participating in a DNS circle or if this research was a side-project.

Moritz answered that they were not involved in any DNS groups but mentioned that one of his colleagues was involved in the IETF. Jins added that they they know for a long time that post-quantum cryptography applications are hard to build and that there are not a lot of use-cases. However, he mentioned that DNSSEC is a good starting point for this research. 

Shane shared that his main concern was that safe post-quantum cryptography would be incompatible with the current DNS model and that the community would have to be creative in reinventing how to transfer trust and make cryptographic validation in the future.

Mortiz and Jins agreed that it will take time to come up with a sound system.

Petr Spacek commented that being limited to short signatures would be asking for trouble in the long term. He added that the DNS community would need to keep a certain form of algorithm agility.

Moritz agreed that they should probably look at algorithm with longer signatures as it might be necessary.

Jins clarified that the algorithms discussed in their presentations were at least as safe as the current ones being used. He added that concerning the level 1 proposals, there is no known way to break these algorithms within decades and that security is therefore not the biggest issue.

Steve Crocker commented that the community should be rolling the root key more often in order to build up experience and prepare for algorithm agility.

There were no further questions.


RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum