Diffstat (limited to 'draft-schanzen-gns.xml')
-rw-r--r-- | draft-schanzen-gns.xml | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml index a9a9689..12f111e 100644 --- a/draft-schanzen-gns.xml +++ b/draft-schanzen-gns.xml | |||
@@ -1450,6 +1450,18 @@ example.com = zk2 | |||
1450 | this document will be issued from time to time to reflect the current | 1450 | this document will be issued from time to time to reflect the current |
1451 | best practices in this area. | 1451 | best practices in this area. |
1452 | </t> | 1452 | </t> |
1453 | <t> | ||
1454 | GNS uses ECDSA over Curve25519. This is an unconventional choice, | ||
1455 | as ECDSA is usually used with other curves. However, traditional | ||
1456 | ECDSA curves are problematic for a range of reasons described in | ||
1457 | the Curve25519 and EdDSA papers. Using EdDSA directly is also | ||
1458 | not possible, as a hash function is used on the private key which | ||
1459 | destroys the linearity that the GNU Name System depends upon. | ||
1460 | We are not aware of anyone suggesting that using Curve25519 instead | ||
1461 | of another common curve of similar size would lower the security of | ||
1462 | ECDSA. GNS uses 256-bit curves because that way the encoded (public) | ||
1463 | keys fit into a single DNS label, which is good for usability. | ||
1464 | </t> | ||
1453 | </section> | 1465 | </section> |
1454 | <section anchor="security_abuse" numbered="true" toc="default"> | 1466 | <section anchor="security_abuse" numbered="true" toc="default"> |
1455 | <name>Abuse mitigation</name> | 1467 | <name>Abuse mitigation</name> |
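Review bot: the new paragraph at 1453-1464 justifies excluding EdDSA by saying the hash on the private key "destroys the linearity that the GNU Name System depends upon", but it never says which operation needs that linearity; add an xref to the section of this draft that defines zone key derivation so a reader can check the claim. The "Curve25519 and EdDSA papers" are mentioned without a citation: the reference list already carries RFC 7748 for Curve25519, and EdDSA is specified in RFC 8032, so both can be cited with xref rather than named informally. Finally, since the text itself calls ECDSA over Curve25519 an unconventional choice, the draft should state the curve parameters and point encoding an implementation must use for ECDSA (standard ECDSA code bases do not ship Curve25519 in the form ECDSA expects), otherwise independent implementations will not interoperate; "We are not aware of anyone suggesting" is an argument from absence and would be stronger as a pointer to a concrete security analysis.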
@@ -1468,6 +1480,7 @@ example.com = zk2 | |||
1468 | However, the same mechanisms can also be abused in order to impose | 1480 | However, the same mechanisms can also be abused in order to impose |
1469 | state censorship, which ist one of the motivations behind GNS. | 1481 | state censorship, which ist one of the motivations behind GNS. |
1470 | Hence, such a seizure is, by design, difficult to impossible in GNS. | 1482 | Hence, such a seizure is, by design, difficult to impossible in GNS. |
1483 | In particular, GNS does not support WHOIS (<xref target="RFC3912" />). | ||
1471 | </t> | 1484 | </t> |
1472 | </section> | 1485 | </section> |
1473 | <section anchor="security_keymanagement" numbered="true" toc="default"> | 1486 | <section anchor="security_keymanagement" numbered="true" toc="default"> |
@@ -1475,11 +1488,13 @@ example.com = zk2 | |||
1475 | <t> | 1488 | <t> |
1476 | In GNS, zone administrators need to manage and protect their zone | 1489 | In GNS, zone administrators need to manage and protect their zone |
1477 | keys. Once a zone key is lost it cannot be recovered. Once it is | 1490 | keys. Once a zone key is lost it cannot be recovered. Once it is |
1478 | compromised it cannot be revoked (unless a revocation was | 1491 | compromised it cannot be revoked (unless a revocation message was |
1479 | pre-calculated and is still available). | 1492 | pre-calculated and is still available). |
1480 | Zone administrators, and for GNS this includes end-users, are | 1493 | Zone administrators, and for GNS this includes end-users, are |
1481 | required to responsibly and dilligently protect their cryptographic | 1494 | required to responsibly and dilligently protect their cryptographic |
1482 | keys. | 1495 | keys. Offline signing is in principle possible, but GNS does not |
1496 | support separate zone signing and key-signing keys | ||
1497 | (as in <xref target="RFC6781" />) in order to provide usable security. | ||
1483 | </t> | 1498 | </t> |
1484 | <t> | 1499 | <t> |
1485 | Similarly, users are required to manage their local root zone. | 1500 | Similarly, users are required to manage their local root zone. |
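Review bot: the new clause at 1495-1497 reads as if omitting the KSK/ZSK split is what provides security ("GNS does not support separate zone signing and key-signing keys ... in order to provide usable security"); reword to make the trade-off explicit, for example "GNS deliberately does not support separate key-signing and zone-signing keys (as in <xref target="RFC6781" />), trading the operational flexibility of that split for simpler key management", so that the operational consequence (one key that, if compromised, cannot be rolled without a pre-computed revocation) is clear. Also fix "dilligently" in the context line 1494 to "diligently".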
@@ -1519,16 +1534,16 @@ example.com = zk2 | |||
1519 | key is lost, compromised or replaced in the furture. | 1534 | key is lost, compromised or replaced in the furture. |
1520 | Pre-calculated revocations may become invalid due to expirations | 1535 | Pre-calculated revocations may become invalid due to expirations |
1521 | or protocol changes such as epoch adjustments. | 1536 | or protocol changes such as epoch adjustments. |
1522 | Conseuquently, implementors and users must make precautions in order | 1537 | Consequently, implementors and users must make precautions in order |
1523 | to manage revocations accordingly. | 1538 | to manage revocations accordingly. |
1524 | </t> | 1539 | </t> |
1525 | <t> | 1540 | <t> |
1526 | Revocation payloads do NOT include a 'new' key for key replacement. | 1541 | Revocation payloads do NOT include a 'new' key for key replacement. |
1527 | In inclusion of such a key would have two major disadvantages: | 1542 | Inclusion of such a key would have two major disadvantages: |
1528 | </t> | 1543 | </t> |
1529 | <t> | 1544 | <t> |
1530 | If revocation is used after a private key was compromised, | 1545 | If revocation is used after a private key was compromised, |
1531 | allowing key replacement would be dangerous, because if an | 1546 | allowing key replacement would be dangerous: if an |
1532 | adversary took over the private key, the adversary could then | 1547 | adversary took over the private key, the adversary could then |
1533 | broadcast a revocation with a key replacement. For the replacement, | 1548 | broadcast a revocation with a key replacement. For the replacement, |
1534 | the compromised owner would have no chance to issue even a | 1549 | the compromised owner would have no chance to issue even a |
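Review bot: the typo fixes at 1537 and 1542 are good, but two remain in the same hunk: "furture" in the context line 1534 should be "future", and "must make precautions" at 1537 should be "must take precautions". The paragraph at 1540-1543 announces "two major disadvantages" and the text that follows is split across separate <t> elements; consider an <ol> so the two disadvantages are numbered and easy to find.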
@@ -1552,7 +1567,7 @@ example.com = zk2 | |||
1552 | <name>GANA Considerations</name> | 1567 | <name>GANA Considerations</name> |
1553 | <t> | 1568 | <t> |
1554 | GANA is requested to create an "GNU Name System Record Types" registry. | 1569 | GANA is requested to create an "GNU Name System Record Types" registry. |
1555 | The registry shall record for each entry: | 1570 | The registry shall record for each entry: |
1556 | </t> | 1571 | </t> |
1557 | <ul> | 1572 | <ul> |
1558 | <li>Name: The name of the record type (case-insensitive ASCII | 1573 | <li>Name: The name of the record type (case-insensitive ASCII |
@@ -1581,11 +1596,10 @@ Number | Name | Contact | References | Description | |||
1581 | 65540 | GNS2DNS | N/A | [This.I-D] | Delegation to DNS | 1596 | 65540 | GNS2DNS | N/A | [This.I-D] | Delegation to DNS |
1582 | 65541 | BOX | N/A | [This.I-D] | Boxed record | 1597 | 65541 | BOX | N/A | [This.I-D] | Boxed record |
1583 | ]]></artwork> | 1598 | ]]></artwork> |
1584 | <!-- <postamble>which is a very simple example.</postamble>--> | ||
1585 | </figure> | 1599 | </figure> |
1586 | 1600 | ||
1587 | </section> | 1601 | </section> |
1588 | <!-- iana --> | 1602 | <!-- gana --> |
1589 | <section> | 1603 | <section> |
1590 | <name>Test Vectors</name> | 1604 | <name>Test Vectors</name> |
1591 | <t> | 1605 | <t> |
@@ -1677,9 +1691,11 @@ bEclYC3aE2+fjSDDfRpdnv3gGHMckMceVbgymHZDlfA= | |||
1677 | &RFC2119; | 1691 | &RFC2119; |
1678 | &RFC3629; | 1692 | &RFC3629; |
1679 | &RFC3826; | 1693 | &RFC3826; |
1694 | &RFC3912; | ||
1680 | &RFC5869; | 1695 | &RFC5869; |
1681 | &RFC5890; | 1696 | &RFC5890; |
1682 | &RFC5891; | 1697 | &RFC5891; |
1698 | &RFC6781; | ||
1683 | &RFC6895; | 1699 | &RFC6895; |
1684 | &RFC6979; | 1700 | &RFC6979; |
1685 | &RFC7748; | 1701 | &RFC7748; |
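Review bot: RFC 3912 and RFC 6781, added at 1694 and 1698, are cited only for contrast (GNS does not support WHOIS; GNS does not use the KSK/ZSK split), so nothing in this draft requires them to be implemented; they belong in the informative references rather than in this list alongside RFC 2119. Moving them also keeps the normative list limited to what an implementer actually needs.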