[ldns-users] canonical signer name in RRSIG during verification
wouter at nlnetlabs.nl
Tue Feb 28 15:59:19 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 02/28/2012 03:29 PM, Miek Gieben wrote:
> [ Quoting <Willem at nlnetlabs.nl> at 14:18 on Feb 28 in "Re:
> [ldns-users] can..." ]
>> Hi Peter,
>> First of all; Thanks for diving in so deep!
>> Then; Sorry for the late response, but those are subtle issues. I
>> interpret draft-ietf-dnsext-dnssec-bis-updates-16 section-5.1
>> such that the RDATA section of RRSIG (The Signer's Name field)
>> should be downcased for ordering and signing. Thus not
>> specifically for verifying.
Yes it does mean verifying. This is because this is what deployed
software (at first, BIND, then after .US got signed, soon, unbound
ldns verify still implemented the standard, but with the fix that it
creates lowercase signer-names, thus the canonicalisation became
immaterial. Now, dnssec-bis-updates has caught up and is moving to
RFC and indeed ldns verify should implement the proper verification.
But we wanted to be careful with implementing not-yet-RFC, but this
now creates trouble with powerDNS. So, the we intend to lowercase
signer-names in ldns in canonicalisation (and also in verification and
signing), as well as keep the compatibility lowercase generation of
signernames that makes the issue immaterial for signatures created by
>> If a signer produces (against the very *recent* directive) an
>> RRSIG with an mixed case "Signer's Name" a verifier should be
>> able to validate that too. Though, I do agree that the downcased
>> "Signer's name" should be tried to validate also.
>> A contribution that would do just that would be great! :) (but if
>> you don't I will of course :)
>> Also I believe that signers following the new directive put a
>> lowercased "Signer's Name" in the RRSIG RDATA. Is this not the
>> case? How did you produce the validation failure? Was it from a
>> situation in the wild?
> I think:
> dig +dnssec nic.us DS
> sums it up nicely.
> My Go code validates pretty much everything, except signatures from
> that domain (.US) :(
You must downcase the signername (implement dnssec-bis-updates).
> So we have the old spec, the new spec and stuff in the wild...
Yes BIND used to implement SIG where the signername was compressible
and thus has to be downcased. Then moved to RRSIG but that code was
left in there. And thus unbound changed, and ldns changed it
rrsig-generation. And now its back for ldns verify (of signatures
that it did not create itself - I think that most signers out there
generate backwards compatible RRSIGs) :-)
Check HINFO and NSEC too. (see dnssec-bis-updates).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the ldns-users