idnits 2.17.1 draft-hoffman-dnssec-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (19 March 2022) is 769 days in the past. Is this intentional? Checking references for intended status: Best Current Practice ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group P. Hoffman 3 Internet-Draft ICANN 4 Intended status: Best Current Practice 19 March 2022 5 Expires: 20 September 2022 7 DNS Security Extensions (DNSSEC) 8 draft-hoffman-dnssec-00 10 Abstract 12 This document describes the DNS security extensions (commonly called 13 "DNSSEC") that are specified RFCs 4033, 4034, 4035, and a handful of 14 others. The purpose is to introduce all of the RFCs in one place so 15 that the reader can understand the many aspects of DNSSEC. This 16 document does not update any of those RFCs. 18 This document is currently maintained at 19 https://github.com/paulehoffman/draft-hoffman-dnssec. Issues and 20 pull requests are welcomed. If the document is later adopted by a 21 working group, a new repository will likely be created. 23 Status of This Memo 25 This Internet-Draft is submitted in full conformance with the 26 provisions of BCP 78 and BCP 79. 28 Internet-Drafts are working documents of the Internet Engineering 29 Task Force (IETF). Note that other groups may also distribute 30 working documents as Internet-Drafts. The list of current Internet- 31 Drafts is at https://datatracker.ietf.org/drafts/current/. 33 Internet-Drafts are draft documents valid for a maximum of six months 34 and may be updated, replaced, or obsoleted by other documents at any 35 time. It is inappropriate to use Internet-Drafts as reference 36 material or to cite them other than as "work in progress." 38 This Internet-Draft will expire on 20 September 2022. 40 Copyright Notice 42 Copyright (c) 2022 IETF Trust and the persons identified as the 43 document authors. All rights reserved. 45 This document is subject to BCP 78 and the IETF Trust's Legal 46 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 47 license-info) in effect on the date of publication of this document. 48 Please review these documents carefully, as they describe your rights 49 and restrictions with respect to this document. Code Components 50 extracted from this document must include Revised BSD License text as 51 described in Section 4.e of the Trust Legal Provisions and are 52 provided without warranty as described in the Revised BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 1.1. DNSSEC as a Best Current Practice . . . . . . . . . . . . 2 58 2. DNSSEC Core Documents . . . . . . . . . . . . . . . . . . . . 3 59 2.1. Addition to the DNSSEC Core . . . . . . . . . . . . . . . 4 60 3. Extensions to DNSSEC . . . . . . . . . . . . . . . . . . . . 4 61 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 62 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 63 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 64 6.1. Normative References . . . . . . . . . . . . . . . . . . 5 65 6.2. Informative References . . . . . . . . . . . . . . . . . 6 66 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 68 1. Introduction 70 The core specification for what we know as DNSSEC (the combination of 71 [RFC4033], [RFC4034], and [RFC4035]) describes a set of protocols 72 that provides origin authentication to data in the DNS. [RFC6840] 73 updates and extends those core RFCs, but does not fundamentally 74 change the way that DNSSEC works. 76 This document lists many (but not all) of the RFCs that should be 77 considered by someone creating an implementation of, or someone 78 deploying, modern DNSSEC. It uses terminology from those documents 79 without defining that terminology. It also points to the relevant 80 IANA registries that relate to DNSSEC. It does not, however, point 81 to standards that rely on zones needing to be signed by DNSSEC. 83 1.1. DNSSEC as a Best Current Practice 85 The DNSSEC set of protocols is widely considered the best current 86 practice for adding origin authentication of data in the DNS. To 87 date, no standards-track RFCs offer any other method for such origin 88 authentication of data in the DNS. 90 Some observers note that, more than 15 years after the DNSSEC 91 specification was published, it is still not widely deployed. Recent 92 estimates are that fewer than 10% of the domain names used for web 93 sites are signed, and only around a third of queries to recursive 94 resolvers are validated. However, this low level of implementation 95 does not affect whether DNSSEC is a best current practice; it just 96 indicates that the value of deploying DNSSEC is often considered 97 lower than the cost. 99 2. DNSSEC Core Documents 101 What we today call "DNSSEC" is formally version 3 of the DNSSEC 102 specification. However, earlier versions of DNSSEC were thinly 103 deployed and significantly less visible than the current DNSSEC 104 specification. Throughout this document, "DNSSEC" means the version 105 of the protocol initially defined in [RFC4033], [RFC4034], and 106 [RFC4035]. 108 The three initial core documents generally cover different topics: 110 * [RFC4033] is an overview of DNSSEC, including how it might change 111 the resolution of DNS queries. 113 * [RFC4034] specifies the DNS resource records used in DNSSEC. It 114 obsoletes many RFCs for earlier versions of DNSSEC. 116 * [RFC4035] covers the modifications to the DNS protocol incurred by 117 DNSSEC. These include signing zones, serving signed zones, 118 resolving in light of DNSSEC, and authenticating DNSSEC-signed 119 data. 121 At the time this set of core documents was published, someone could 122 create a DNSSEC implementation of signing software, of an DNSSEC- 123 aware authoritative server, and/or a DNSSEC-aware recursive resolver 124 from the three core documents plus a few older RFCs specifying the 125 cryptography used. Those two older documents are: 127 * [RFC2536] defines how to use the DSA signature algorithm (although 128 refers to other documents for the details). DSA was thinly 129 implemented and can safely be ignored by DNSSEC implementations 131 * [RFC3110] defines how to use the RSA signature algorithm (although 132 refers to other documents for the details). RSA is still the most 133 popular signing algorithm for DNSSEC. 135 2.1. Addition to the DNSSEC Core 137 As with any major protocol, developers and operators discovered 138 issues with the original core documents over the years. [RFC6840] is 139 an omnibus update to the original core documents and thus itself has 140 become a core document. In addition to covering new requirements 141 from new DNSSEC RFCs, it describes many important security and 142 interoperability issues that arose during the deployment of the 143 initial specifications, particularly after the DNS root was signed in 144 2010. It also lists some errors in the examples of the core 145 specifications. 147 [RFC6840] brings a few additions into the core of DNSSEC. It makes 148 NSEC3 [RFC5155] as much a part of DNSSEC as NSEC is. It also makes 149 the SHA-2 hash function defined in [RFC4509] and [RFC5702] part of 150 the core as well. # Cryptographic Algorithms and DNSSEC 152 Cryptography improves over time, and new algorithms get adopted by 153 various Internet protocols. Two new signing algorithms have been 154 adopted by the DNSSEC community: ECDSA [RFC6605] and EdDSA [RFC8080]. 155 The GOST signing algorithm [RFC5933] was also adopted, but has seen 156 very limited use, likely because it is a national algorithm specific 157 to a very small number of countries. 159 Implementation developers who want to know which algorithms to 160 implement in DNSSEC software should refer to [RFC8624]. Note that 161 this specification is only about what algorithms should and should 162 not be included in implementations: it is not advice for which 163 algorithms that zone operators should and should not sign with, nor 164 which algorithms recursive resolver operators should or should not 165 validate. 167 3. Extensions to DNSSEC 169 The DNSSEC community has extended the DNSSEC core and the 170 cryptographic algorithms both in terms of describing good operational 171 practices and in new protocols. Some of the RFCs that describe these 172 extensions include: 174 * [RFC5011] explains how recursive resolvers and the DNS root can 175 work together to automate the rollover of the root's key signing 176 key (KSK). 178 * [RFC6781] is a compendium of operational practices that may not be 179 obvious from reading just the core specifications. 181 * [RFC7344] describes using the CDS and CDNSKEY resource records to 182 help automate the creation of DS records in the parents of signed 183 zones. 185 * [RFC8078] extends [RFC7344] by showing how to do initial setup of 186 trusted relationships between signed parent and child zones. 188 * [RFC8198] describes how a validating resolver can emit fewer 189 queries in signed zones that use NSEC for negative caching. 191 * [RFC9077] updates [RFC8198] with respect to the time-to-live (TTL) 192 fields in signed records. 194 4. IANA Considerations 196 IANA already has two registries that relate to DNSSEC: DNSSEC 197 algorithm numbers (https://www.iana.org/assignments/dns-sec-alg- 198 numbers) and DNSSEC NSEC3 parameters 199 (https://www.iana.org/assignments/dnssec-nsec3-parameters). The 200 rules for the DNSSEC algorithm registry were set in the core RFCs and 201 updated by [RFC6014] and [RFC9157]. 203 This document does not create any new IANA considerations. 205 5. Security Considerations 207 All of the security considerations from all of the RFCs referenced in 208 this document apply here. 210 6. References 212 6.1. Normative References 214 [RFC3110] Eastlake 3rd, D., "RSA/SHA-1 SIGs and RSA KEYs in the 215 Domain Name System (DNS)", RFC 3110, DOI 10.17487/RFC3110, 216 May 2001, . 218 [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. 219 Rose, "DNS Security Introduction and Requirements", 220 RFC 4033, DOI 10.17487/RFC4033, March 2005, 221 . 223 [RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and S. 224 Rose, "Resource Records for the DNS Security Extensions", 225 RFC 4034, DOI 10.17487/RFC4034, March 2005, 226 . 228 [RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and S. 229 Rose, "Protocol Modifications for the DNS Security 230 Extensions", RFC 4035, DOI 10.17487/RFC4035, March 2005, 231 . 233 [RFC4509] Hardaker, W., "Use of SHA-256 in DNSSEC Delegation Signer 234 (DS) Resource Records (RRs)", RFC 4509, 235 DOI 10.17487/RFC4509, May 2006, 236 . 238 [RFC5155] Laurie, B., Sisson, G., Arends, R., and D. Blacka, "DNS 239 Security (DNSSEC) Hashed Authenticated Denial of 240 Existence", RFC 5155, DOI 10.17487/RFC5155, March 2008, 241 . 243 [RFC5702] Jansen, J., "Use of SHA-2 Algorithms with RSA in DNSKEY 244 and RRSIG Resource Records for DNSSEC", RFC 5702, 245 DOI 10.17487/RFC5702, October 2009, 246 . 248 [RFC6840] Weiler, S., Ed. and D. Blacka, Ed., "Clarifications and 249 Implementation Notes for DNS Security (DNSSEC)", RFC 6840, 250 DOI 10.17487/RFC6840, February 2013, 251 . 253 6.2. Informative References 255 [RFC2536] Eastlake 3rd, D., "DSA KEYs and SIGs in the Domain Name 256 System (DNS)", RFC 2536, DOI 10.17487/RFC2536, March 1999, 257 . 259 [RFC5011] StJohns, M., "Automated Updates of DNS Security (DNSSEC) 260 Trust Anchors", STD 74, RFC 5011, DOI 10.17487/RFC5011, 261 September 2007, . 263 [RFC5933] Dolmatov, V., Ed., Chuprina, A., and I. Ustinov, "Use of 264 GOST Signature Algorithms in DNSKEY and RRSIG Resource 265 Records for DNSSEC", RFC 5933, DOI 10.17487/RFC5933, July 266 2010, . 268 [RFC6014] Hoffman, P., "Cryptographic Algorithm Identifier 269 Allocation for DNSSEC", RFC 6014, DOI 10.17487/RFC6014, 270 November 2010, . 272 [RFC6605] Hoffman, P. and W.C.A. Wijngaards, "Elliptic Curve Digital 273 Signature Algorithm (DSA) for DNSSEC", RFC 6605, 274 DOI 10.17487/RFC6605, April 2012, 275 . 277 [RFC6781] Kolkman, O., Mekking, W., and R. Gieben, "DNSSEC 278 Operational Practices, Version 2", RFC 6781, 279 DOI 10.17487/RFC6781, December 2012, 280 . 282 [RFC7344] Kumari, W., Gudmundsson, O., and G. Barwood, "Automating 283 DNSSEC Delegation Trust Maintenance", RFC 7344, 284 DOI 10.17487/RFC7344, September 2014, 285 . 287 [RFC8078] Gudmundsson, O. and P. Wouters, "Managing DS Records from 288 the Parent via CDS/CDNSKEY", RFC 8078, 289 DOI 10.17487/RFC8078, March 2017, 290 . 292 [RFC8080] Sury, O. and R. Edmonds, "Edwards-Curve Digital Security 293 Algorithm (EdDSA) for DNSSEC", RFC 8080, 294 DOI 10.17487/RFC8080, February 2017, 295 . 297 [RFC8198] Fujiwara, K., Kato, A., and W. Kumari, "Aggressive Use of 298 DNSSEC-Validated Cache", RFC 8198, DOI 10.17487/RFC8198, 299 July 2017, . 301 [RFC8624] Wouters, P. and O. Sury, "Algorithm Implementation 302 Requirements and Usage Guidance for DNSSEC", RFC 8624, 303 DOI 10.17487/RFC8624, June 2019, 304 . 306 [RFC9077] van Dijk, P., "NSEC and NSEC3: TTLs and Aggressive Use", 307 RFC 9077, DOI 10.17487/RFC9077, July 2021, 308 . 310 [RFC9157] Hoffman, P., "Revised IANA Considerations for DNSSEC", 311 RFC 9157, DOI 10.17487/RFC9157, December 2021, 312 . 314 Author's Address 316 Paul Hoffman 317 ICANN 318 Email: paul.hoffman@icann.org