[ldns-users] canonical signer name in RRSIG during verification

W.C.A. Wijngaards wouter at nlnetlabs.nl
Tue Feb 28 15:59:19 UTC 2012


Hi Miek,

On 02/28/2012 03:29 PM, Miek Gieben wrote:
> [ Quoting <Willem at nlnetlabs.nl> at 14:18 on Feb 28 in "Re:
> [ldns-users] can..." ]
>> Hi Peter,
>> 
>> First of all; Thanks for diving in so deep!
>> 
>> Then; Sorry for the late response, but those are subtle issues. I
>> interpret draft-ietf-dnsext-dnssec-bis-updates-16 section-5.1
>> such that the RDATA section of RRSIG (The Signer's Name field)
>> should be downcased for ordering and signing. Thus not
>> specifically for verifying.

Yes, it does mean verifying.  This is because this is what deployed
software (at first BIND, then, after .US got signed, soon unbound
too) does.

ldns verify still implemented the standard, but with the fix that it
creates lowercase signer names, thus the canonicalisation became
immaterial.  Now dnssec-bis-updates has caught up and is moving to
RFC, and indeed ldns verify should implement the proper verification.
But we wanted to be careful with implementing not-yet-RFC, and this
now creates trouble with PowerDNS.  So we intend to lowercase
signer names in ldns in canonicalisation (and also in verification and
signing), as well as keep the compatibility lowercase generation of
signer names that makes the issue immaterial for signatures created by
ldns.

>> If a signer produces (against the very *recent* directive) an
>> RRSIG with a mixed-case "Signer's Name", a verifier should be
>> able to validate that too. Though, I do agree that the downcased
>> "Signer's Name" should also be tried for validation.
>> 
>> A contribution that would do just that would be great! :) (but if
>> you don't I will of course :)
>> 
>> Also I believe that signers following the new directive put a
>> lowercased "Signer's Name" in the RRSIG RDATA. Is this not the
>> case? How did you produce the validation failure? Was it from a
>> situation in the wild?
> 
> I think:
> 
> dig +dnssec nic.us DS
> 
> sums it up nicely.
> 
> My Go code validates pretty much everything, except signatures from
> that domain (.US) :(

You must downcase the signername (implement dnssec-bis-updates).

> So we have the old spec, the new spec and stuff in the wild...

Yes, BIND used to implement SIG, where the signer name was compressible
and thus had to be downcased.  Then it moved to RRSIG but that code was
left in there.  And thus unbound changed, and ldns changed its
RRSIG generation.  And now it's back for ldns verify (of signatures
that it did not create itself - I think that most signers out there
generate backwards-compatible RRSIGs) :-)

Check HINFO and NSEC too.  (see dnssec-bis-updates).

Best regards,
   Wouter
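The point Wouter makes above, that a verifier must downcase the RRSIG Signer's Name before hashing (dnssec-bis-updates section 5.1, later published as RFC 6840), as an added example. This is not ldns code and not the Go code Miek refers to; it is a stand-alone illustration written for this page. It builds the octet string that gets hashed and checked against the RRSIG Signature (RFC 4034 section 3.1.8.1): the RRSIG RDATA without the Signature field, followed by the RRset in canonical form and canonical order. A `downcaseSigner` flag switches between the new behaviour and the older verbatim reading, so the two inputs can be compared. The RRSIG and DS values are constructed (the mixed-case "Us." signer name is invented to make the effect visible, not copied from the wire), and the example assumes RDATA that carries no domain names, so canonical RDATA equals wire RDATA:

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"sort"
	"strings"
)

// RR is a resource record with wire-format RDATA. Assumption for this example: the
// RDATA carries no domain names (A, AAAA, DS, ...), so canonical RDATA is the wire RDATA.
type RR struct {
	Owner string
	Type  uint16
	Class uint16
	TTL   uint32
	Rdata []byte
}

// RRSIG holds the RRSIG RDATA fields (RFC 4034 section 3.1) minus the Signature.
type RRSIG struct {
	TypeCovered uint16
	Algorithm   uint8
	Labels      uint8
	OrigTTL     uint32
	Expiration  uint32
	Inception   uint32
	KeyTag      uint16
	SignerName  string
}

// packName encodes a presentation-format name as an uncompressed wire name, case preserved;
// callers apply strings.ToLower first where canonical form (RFC 4034 section 6.2) requires it.
func packName(name string) ([]byte, error) {
	var out []byte
	if name = strings.TrimSuffix(name, "."); name != "" {
		for _, label := range strings.Split(name, ".") {
			if len(label) == 0 || len(label) > 63 {
				return nil, fmt.Errorf("bad label %q in %q", label, name)
			}
			out = append(append(out, byte(len(label))), label...)
		}
	}
	return append(out, 0), nil // root label terminates the name
}

// signedData builds the octet string a verifier hashes against the RRSIG Signature
// (RFC 4034 section 3.1.8.1): RRSIG_RDATA minus the Signature field, then every RR in
// canonical form (lowercase owner, RRSIG Original TTL in place of the received TTL),
// sorted by RDATA as unsigned octet strings (RFC 4034 sections 6.2 and 6.3).
// downcaseSigner=true puts the Signer's Name in canonical form, as RFC 6840 section 5.1
// requires of verifiers; false keeps it verbatim, the older reading of RFC 4034.
func signedData(sig RRSIG, rrs []RR, downcaseSigner bool) ([]byte, error) {
	signer := sig.SignerName
	if downcaseSigner {
		signer = strings.ToLower(signer)
	}
	wireSigner, err := packName(signer)
	if err != nil {
		return nil, err
	}
	var b bytes.Buffer
	binary.Write(&b, binary.BigEndian, sig.TypeCovered)
	b.Write([]byte{sig.Algorithm, sig.Labels})
	binary.Write(&b, binary.BigEndian, []uint32{sig.OrigTTL, sig.Expiration, sig.Inception})
	binary.Write(&b, binary.BigEndian, sig.KeyTag)
	b.Write(wireSigner)

	sorted := append([]RR(nil), rrs...) // do not reorder the caller's slice
	sort.Slice(sorted, func(i, j int) bool { return bytes.Compare(sorted[i].Rdata, sorted[j].Rdata) < 0 })
	for _, rr := range sorted {
		owner, err := packName(strings.ToLower(rr.Owner))
		if err != nil {
			return nil, err
		}
		b.Write(owner)
		binary.Write(&b, binary.BigEndian, []uint16{rr.Type, rr.Class})
		binary.Write(&b, binary.BigEndian, sig.OrigTTL) // not rr.TTL
		binary.Write(&b, binary.BigEndian, uint16(len(rr.Rdata)))
		b.Write(rr.Rdata)
	}
	return b.Bytes(), nil
}

func main() {
	// Constructed input shaped like the nic.us DS case in the thread; the mixed-case
	// signer name is invented to show the effect, not copied from the wire.
	sig := RRSIG{TypeCovered: 43, Algorithm: 8, Labels: 2, OrigTTL: 7200,
		Expiration: 1331000000, Inception: 1330000000, KeyTag: 12345, SignerName: "Us."}
	rrs := []RR{
		{Owner: "NIC.us.", Type: 43, Class: 1, TTL: 3600, Rdata: []byte{0x30, 0x39, 8, 2, 0xaa, 0xbb}},
		{Owner: "nic.us.", Type: 43, Class: 1, TTL: 3600, Rdata: []byte{0x30, 0x39, 8, 1, 0x11}},
	}
	for _, downcase := range []bool{false, true} {
		data, _ := signedData(sig, rrs, downcase)
		fmt.Printf("downcase signer=%-5v %x\n", downcase, data)
	}
}
```

The two outputs differ only in the octets of the signer name right after the 18 fixed RRSIG octets, so a verifier that hashes the verbatim form will reject a signature that was computed over the lowercase form, which is the failure Miek describes. A verifier that wants to accept both old and new signers can try the downcased form first and the verbatim form as a fallback. Note that the same section of dnssec-bis-updates also settles the other cases Wouter mentions: the NSEC Next Domain Name is not downcased, and HINFO carries no names at all; this example sidesteps both by assuming RDATA without names.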