diff options
author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-09-04 23:03:22 +0200 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-09-04 23:03:22 +0200 |
commit | 0a62fcc3be82282fe1d01b44c1b2171b215254fd (patch) | |
tree | 743d720fa9dfb52d1857d16a07091e6f7c449ad1 | |
parent | f177a162f164edc868134f6385bb15214649a792 (diff) | |
download | lsd0001-0a62fcc3be82282fe1d01b44c1b2171b215254fd.tar.gz lsd0001-0a62fcc3be82282fe1d01b44c1b2171b215254fd.zip |
purging PKEY
-rw-r--r-- | draft-schanzen-gns.xml | 49 |
1 files changed, 28 insertions, 21 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index a68a0e8..8c6bf27 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -139,7 +139,7 @@ | |||
139 | called PKEY and EDKEY, respectively. | 139 | called PKEY and EDKEY, respectively. |
140 | </t> | 140 | </t> |
141 | <section anchor="zone_privacy" numbered="true" toc="default"> | 141 | <section anchor="zone_privacy" numbered="true" toc="default"> |
142 | <name>Privacy</name> | 142 | <name>Zone Key Blinding</name> |
143 | <t> | 143 | <t> |
144 | In GNS, the contents of a zone are cryptographically signed before | 144 | In GNS, the contents of a zone are cryptographically signed before |
145 | publishing. Instead of the zone private key "d", the signature MUST | 145 | publishing. Instead of the zone private key "d", the signature MUST |
@@ -240,8 +240,8 @@ HDKD-Public(zk, label) -> zk' | |||
240 | </dd> | 240 | </dd> |
241 | </dl> | 241 | </dl> |
242 | <t> | 242 | <t> |
243 | Given a label, the output of the HDKD-Private function is | 243 | Given a label, the output of the HDKD-Private function for zone |
244 | calculated as follows for PKEY zones: | 244 | key blinding is calculated as follows for PKEY zones: |
245 | </t> | 245 | </t> |
246 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 246 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
247 | zk := d * B | 247 | zk := d * B |
@@ -292,6 +292,8 @@ zk' := h mod L * zk | |||
292 | while the multiplication of "d" with "h" is a scalar multiplication. | 292 | while the multiplication of "d" with "h" is a scalar multiplication. |
293 | Signatures for PKEY zones are 512-bit ECDSA deterministic | 293 | Signatures for PKEY zones are 512-bit ECDSA deterministic |
294 | signatures compliant with <xref target="RFC6979" />. | 294 | signatures compliant with <xref target="RFC6979" />. |
295 | Finally, the label representation of a PKEY public zone key is | ||
296 | the Base32-encoding of "zk" prefixed with "pkey-". | ||
295 | </t> | 297 | </t> |
296 | </section> | 298 | </section> |
297 | <section anchor="zone_type_edkey" numbered="true" toc="default"> | 299 | <section anchor="zone_type_edkey" numbered="true" toc="default"> |
@@ -426,8 +428,9 @@ zk' := h mod L * zk | |||
426 | </section> | 428 | </section> |
427 | <section anchor="gnsrecords_pkey" numbered="true" toc="default"> | 429 | <section anchor="gnsrecords_pkey" numbered="true" toc="default"> |
428 | <name>PKEY</name> | 430 | <name>PKEY</name> |
429 | <t>In GNS, a delegation of a label to a zone is represented through a PKEY | 431 | <t>In GNS, a delegation of a label to a zone of type "PKEY" is |
430 | record. A PKEY resource record contains the public key of the zone to | 432 | represented through a PKEY record. |
433 | A PKEY resource record contains the public key of the zone to | ||
431 | delegate to. A PKEY record MUST be the only record under a label. No other | 434 | delegate to. A PKEY record MUST be the only record under a label. No other |
432 | records are allowed. A PKEY DATA entry has the following format:</t> | 435 | records are allowed. A PKEY DATA entry has the following format:</t> |
433 | <figure anchor="figure_pkeyrecord"> | 436 | <figure anchor="figure_pkeyrecord"> |
@@ -537,7 +540,7 @@ zk' := h mod L * zk | |||
537 | Nickname records can be used by zone administrators to publish an | 540 | Nickname records can be used by zone administrators to publish an |
538 | indication on what label this zone prefers to be referred to. | 541 | indication on what label this zone prefers to be referred to. |
539 | This is a suggestion to other zones what label to use when creating a | 542 | This is a suggestion to other zones what label to use when creating a |
540 | PKEY (<xref target="gnsrecords_pkey" />) record containing this zone's | 543 | delegation record (<xref target="zone_types" />) containing this zone's |
541 | public zone key. | 544 | public zone key. |
542 | This record SHOULD only be stored under the empty label "@" but MAY be | 545 | This record SHOULD only be stored under the empty label "@" but MAY be |
543 | returned with record sets under any label as a supplemental record. | 546 | returned with record sets under any label as a supplemental record. |
@@ -845,8 +848,9 @@ q := SHA512 (HDKD-Public(zk, label)) | |||
845 | The padding MUST contain the value 0 in all octets. | 848 | The padding MUST contain the value 0 in all octets. |
846 | The padding MUST ensure that the size of the RDATA WITHOUT the RR | 849 | The padding MUST ensure that the size of the RDATA WITHOUT the RR |
847 | COUNT field is a power of two. | 850 | COUNT field is a power of two. |
848 | As a special exception, record sets with (only) a PKEY record type | 851 | As a special exception, record sets with (only) a zone delegation |
849 | are never padded. Note that a record set with a PKEY record MUST NOT | 852 | record type are never padded. |
853 | Note that a record set with a delegation record MUST NOT | ||
850 | contain other records. | 854 | contain other records. |
851 | </dd> | 855 | </dd> |
852 | 856 | ||
@@ -999,8 +1003,8 @@ BDATA := TWOFISH(K[32:63], IV[16:31], | |||
999 | <li> | 1003 | <li> |
1000 | Case 1: | 1004 | Case 1: |
1001 | If the remainder of the name to resolve is empty and the record set | 1005 | If the remainder of the name to resolve is empty and the record set |
1002 | does not consist of a PKEY, CNAME or DNS2GNS record, the record set | 1006 | does not consist of a delegation, CNAME or DNS2GNS record, |
1003 | is the result and the recursion is concluded. | 1007 | the record set is the result and the recursion is concluded. |
1004 | </li> | 1008 | </li> |
1005 | <li> | 1009 | <li> |
1006 | Case 2: | 1010 | Case 2: |
@@ -1013,7 +1017,7 @@ BDATA := TWOFISH(K[32:63], IV[16:31], | |||
1013 | Case 3: | 1017 | Case 3: |
1014 | If the remainder of the name to resolve is not empty and | 1018 | If the remainder of the name to resolve is not empty and |
1015 | does not match the "_SERVICE._PROTO" syntax, then the current record set | 1019 | does not match the "_SERVICE._PROTO" syntax, then the current record set |
1016 | MUST consist of a single PKEY record (<xref target="pkey_processing" />), | 1020 | MUST consist of a single delegation record (<xref target="delegation_processing" />), |
1017 | a single CNAME record (<xref target="cname_processing" />), | 1021 | a single CNAME record (<xref target="cname_processing" />), |
1018 | or one or more GNS2DNS records (<xref target="gns2dns_processing" />), | 1022 | or one or more GNS2DNS records (<xref target="gns2dns_processing" />), |
1019 | which are processed as described in the respective sections below. | 1023 | which are processed as described in the respective sections below. |
@@ -1028,7 +1032,7 @@ BDATA := TWOFISH(K[32:63], IV[16:31], | |||
1028 | if possible. | 1032 | if possible. |
1029 | </li> | 1033 | </li> |
1030 | </ol> | 1034 | </ol> |
1031 | <section anchor="pkey_processing" numbered="true" toc="default"> | 1035 | <section anchor="delegation_processing" numbered="true" toc="default"> |
1032 | <name>PKEY</name> | 1036 | <name>PKEY</name> |
1033 | <t> | 1037 | <t> |
1034 | When the resolver encounters a PKEY record and the remainder of | 1038 | When the resolver encounters a PKEY record and the remainder of |
@@ -1061,8 +1065,9 @@ BDATA := TWOFISH(K[32:63], IV[16:31], | |||
1061 | The DNS server names may themselves be names in GNS or DNS. | 1065 | The DNS server names may themselves be names in GNS or DNS. |
1062 | If the DNS server name ends in ".+", the rest of the name is to be | 1066 | If the DNS server name ends in ".+", the rest of the name is to be |
1063 | interpreted relative to the zone of the GNS2DNS record. | 1067 | interpreted relative to the zone of the GNS2DNS record. |
1064 | If the DNS server name ends in ".<Base32(zk)>", the DNS | 1068 | If the DNS server name ends in a label representation of a |
1065 | server name is to be resolved against the GNS zone zk. | 1069 | zone key, the DNS server name is to be resolved against |
1070 | the GNS zone zk. | ||
1066 | </t> | 1071 | </t> |
1067 | <t> | 1072 | <t> |
1068 | Multiple GNS2DNS records may be stored under the same label, | 1073 | Multiple GNS2DNS records may be stored under the same label, |
@@ -1116,7 +1121,7 @@ BDATA := TWOFISH(K[32:63], IV[16:31], | |||
1116 | <t> | 1121 | <t> |
1117 | The recursive DNS resolution process may yield a CNAME as well | 1122 | The recursive DNS resolution process may yield a CNAME as well |
1118 | which in turn may either point into the DNS or GNS namespace | 1123 | which in turn may either point into the DNS or GNS namespace |
1119 | (if it ends in a ".<Base32(zk)>"). | 1124 | (if it ends in a label representation of a zone key). |
1120 | In order to prevent infinite loops, the resolver MUST | 1125 | In order to prevent infinite loops, the resolver MUST |
1121 | implement loop detections or limit the number of recursive | 1126 | implement loop detections or limit the number of recursive |
1122 | resolution steps. | 1127 | resolution steps. |
@@ -1474,12 +1479,12 @@ NICK: john (Supplemental) | |||
1474 | <t> | 1479 | <t> |
1475 | GNS clients SHOULD first try to interpret the top-level domain of | 1480 | GNS clients SHOULD first try to interpret the top-level domain of |
1476 | a GNS name as a zone key. | 1481 | a GNS name as a zone key. |
1477 | For example. if the top-level domain is a Base32-encoded public zone | 1482 | For example. if the top-level domain is a label representation of |
1478 | key "zk", the root zone of the resolution process is implicitly given | 1483 | a public zone key "zkl", the root zone of the resolution process |
1479 | by the name: | 1484 | is implicitly given by the name: |
1480 | </t> | 1485 | </t> |
1481 | <artwork name="" type="" align="left" alt=""><![CDATA[ | 1486 | <artwork name="" type="" align="left" alt=""><![CDATA[ |
1482 | Example name: www.example.<Base32(zk)> | 1487 | Example name: www.example.<zkl> |
1483 | => Root zone: zk | 1488 | => Root zone: zk |
1484 | => Name to resolve from root zone: www.example | 1489 | => Name to resolve from root zone: www.example |
1485 | ]]></artwork> | 1490 | ]]></artwork> |
@@ -1560,9 +1565,11 @@ example.com = zk2 | |||
1560 | </t> | 1565 | </t> |
1561 | <t> | 1566 | <t> |
1562 | In terms of crypto-agility, whenever the need for an updated cryptographic | 1567 | In terms of crypto-agility, whenever the need for an updated cryptographic |
1563 | scheme arises to replace ECDSA over Curve25519 it may simply be introduced | 1568 | scheme arises to, for example, replace ECDSA over Curve25519 for |
1569 | PKEY records it may simply be introduced | ||
1564 | through a new record type. Such a new record type may then replace | 1570 | through a new record type. Such a new record type may then replace |
1565 | the PKEY record type for future records. The old record type remains | 1571 | the delegation record type for future records. |
1572 | The old record type remains | ||
1566 | and zones can iteratively migrate to the updated zone keys. | 1573 | and zones can iteratively migrate to the updated zone keys. |
1567 | </t> | 1574 | </t> |
1568 | </section> | 1575 | </section> |