DNSOP                                                          G. Guette
Internet-Draft                                             IRISA / INRIA
Expires: February 5, 2005                                     O. Courtay
                                                             Thomson R&D
                                                          August 7, 2004

             Requirements for Automated Key Rollover in DNSSEC
              draft-ietf-dnsop-key-rollover-requirements-01.txt

Status of this Memo

   By submitting this Internet-Draft, I certify that any applicable
   patent or other IPR claims of which I am aware have been disclosed,
   and any of which I become aware will be disclosed, in accordance with
   RFC 3668.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on February 5, 2005.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   This document describes problems that appear during an automated
   rollover and gives the requirements for the design of communication
   between parent zone and child zone in an automated rollover process.
   This document is essentially about key rollover; the rollover of
   another Resource Record present at the delegation point (NS RR) is
   also discussed.

Table of Contents

   1.  Introduction
   2.  The Key Rollover Process
   3.  Basic Requirements
   4.  Messages authentication and information exchanged
   5.  Emergency Rollover
   6.  Other Resource Record concerned by automatic rollover
   7.  Security consideration
   8.  Acknowledgments
   9.  Normative References
       Authors' Addresses
       Intellectual Property and Copyright Statements

1.  Introduction

   DNSSEC, the DNS security extensions [4][8][7][9], uses public-key
   cryptography and digital signatures.  It stores the public part of
   keys in DNSKEY Resource Records (RRs).
   Because old keys and
   frequently used keys are vulnerable, they must be renewed
   periodically.  In DNSSEC, this is the case for Zone Signing Keys
   (ZSKs) and Key Signing Keys (KSKs) [1][2].  Automation of the key
   rollover process is necessary for large zones because there are too
   many changes to handle by manual administration.

   Let us consider for example a zone with 100000 secure delegations.
   If the child zones change their keys once a year on average, that
   implies 300 changes per day for the parent zone.  Such a volume of
   changes is hard to manage manually.

   Automated rollover is optional and results from an agreement
   between the administrator of the parent zone and the administrator of
   the child zone.  Of course, key rollover can also be done manually by
   administrators.

   This document describes the requirements for the design of messages
   of the automated key rollover process and focuses on the interaction
   between parent and child zones.

2.  The Key Rollover Process

   Key rollover consists of renewing the DNSSEC keys used to sign
   resource records in a given DNS zone file.  There are two types of
   rollover, ZSK rollovers and KSK rollovers.

   In a ZSK rollover, all changes are local to the zone that renews its
   key: there is no need to contact other zones (e.g., the parent zone)
   to propagate the performed changes, because a ZSK has no associated
   DS record in the parent zone.

   In a KSK rollover, new DS RR(s) must be created and stored in the
   parent zone.  Consequently, the child zone must contact its parent
   zone and must notify it about the KSK change(s).

   Manual key rollover exists and works [3].  A key rollover is built
   from two parts of a different nature:

   o  An algorithm that generates new keys and signs the zone file.
      It could be local to the zone.
   o  The interaction between parent and child zones.

   One example of manual key rollover is:

   o  The child zone creates a new KSK.
   o  The child zone waits for the creation of the DS RR in its parent
      zone.
   o  The child zone deletes the old key.

   In manual rollover, communications are managed by the zone
   administrators and the security of these communications is out of
   the scope of DNSSEC.

   Automated key rollover should use secure communication between
   parent and child zones.  This document concentrates on defining the
   interactions between the entities present in the key rollover
   process.

3.  Basic Requirements

   The main constraint to respect during a key rollover is that the
   chain of trust MUST be preserved, even if a resolver retrieves some
   RRs from a recursive caching server.  Every RR MUST be verifiable at
   any time; every RR exchanged during the rollover should be
   authenticated and its integrity should be guaranteed.

   Two entities act during a KSK rollover: the child zone and its parent
   zone.  These zones are generally managed by different administrators.
   These administrators should agree on some parameters, such as the
   availability of automated rollover and the maximum delay between the
   notification of changes in the child zone and the resigning of the
   parent zone.  The child zone needs to know this delay to schedule its
   changes.

4.  Messages authentication and information exchanged

   Every exchanged message MUST be authenticated and the authentication
   tool MUST be a DNSSEC tool such as TSIG [6], SIG(0) [5] or a DNSSEC
   request with verifiable SIG records.

   Once the changes related to a KSK are made in a child zone, this zone
   MUST notify its parent zone in order to create the new DS RR and
   store this DS RR in the parent zone file.

   The parent zone MUST receive all the child keys that need the
   creation of associated DS RRs in the parent zone.
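   The KSK rollover sequence of Section 2 and the "consistent state at
   any time" requirement of Section 4, replayed as an added illustration
   that is not part of this draft: the parent derives the DS RR from the
   child KSK, and a checker reports after each step whether some DS in
   the parent still matches a KSK present in the child.  It assumes DS
   digest type 2 (SHA-256) and the key-tag computation of RFC 4034,
   which postdate this draft, and uses constructed key bytes rather
   than real public keys.

```python
import hashlib
import struct

def name_to_wire(name):
    """Canonical wire form of an owner name: lower-cased, length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def dnskey_rdata(flags, algorithm, pubkey):
    """DNSKEY RDATA: flags (257 = KSK with SEP bit), protocol 3, algorithm, key."""
    return struct.pack("!HBB", flags, 3, algorithm) + pubkey

def key_tag(rdata):
    """Key tag over the DNSKEY RDATA (RFC 4034 Appendix B, non-RSA/MD5 form)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += (b << 8) if i % 2 == 0 else b
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF

def ds_record(owner, rdata):
    """DS RDATA the parent publishes for a child KSK: (tag, alg, type 2, SHA-256 hex)."""
    digest = hashlib.sha256(name_to_wire(owner) + rdata).hexdigest().upper()
    return (key_tag(rdata), rdata[3], 2, digest)

def chain_intact(owner, child_keys, parent_ds):
    """Chain of trust holds only if a DS in the parent matches a KSK still in the child."""
    return any(ds_record(owner, k) in parent_ds for k in child_keys)

def rollover(owner, old, new, child_waits_for_ds):
    """Replay a KSK rollover; return (step, chain_intact) after every step.
    With child_waits_for_ds=False the child deletes the old KSK before the
    parent has published the new DS, the inconsistent state Section 4 forbids."""
    child, parent = {old}, {ds_record(owner, old)}
    trace = []
    def step(label):
        trace.append((label, chain_intact(owner, child, parent)))
    child.add(new); step("child creates new KSK")
    if child_waits_for_ds:
        parent.add(ds_record(owner, new)); step("parent publishes new DS")
        child.remove(old); step("child deletes old KSK")
    else:
        child.remove(old); step("child deletes old KSK (too early)")
        parent.add(ds_record(owner, new)); step("parent publishes new DS")
    # Clean-up of the old DS is not listed in the draft's example but closes the rollover.
    parent.discard(ds_record(owner, old)); step("parent removes old DS")
    return trace

if __name__ == "__main__":
    OLD = dnskey_rdata(257, 8, b"constructed-old-ksk-bytes")  # constructed, not a real key
    NEW = dnskey_rdata(257, 8, b"constructed-new-ksk-bytes")
    for label, ok in rollover("child.example.", OLD, NEW, child_waits_for_ds=False):
        print("ok    " if ok else "BROKEN", label)
```

   Run with child_waits_for_ds=True the trace is intact throughout; with
   False it shows the one step at which no DS in the parent matches any
   KSK in the child, i.e. the chain of trust is broken.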

   Some errors could occur during transmission between the child zone
   and the parent zone.  The key rollover solution MUST be fault
   tolerant, i.e., at any time the rollover MUST be in a consistent
   state and all RRs MUST be verifiable, even if an error occurs.  That
   is to say, a valid chain of trust MUST remain.

5.  Emergency Rollover

   A key of a zone might be compromised, and this key MUST be changed as
   soon as possible.  Fast changes could break the chain of trust.  The
   part of the DNS tree having this zone as apex can become
   unverifiable, but breaking the chain of trust is necessary if we want
   to ensure that no one can use the compromised key to spoof DNS data.

   In case of emergency rollover, the administrators of the parent and
   child zones should create new key(s) and DS RR(s) as fast as possible
   in order to reduce the time the chain of trust is broken.

6.  Other Resource Record concerned by automatic rollover

   NS records are also present at the delegation point, so when the
   child zone renews some NS RR, the corresponding records at the
   delegation point in the parent zone (glue) MUST be updated.  NS
   records are concerned by rollover and this rollover could be
   automated too.  In this case, when the child zone notifies its parent
   zone that some NS records have been changed, the parent zone MUST
   verify that these NS records are present in the child zone before
   doing any changes in its own zone file.  This avoids inconsistency
   between the NS records at the delegation point and the NS records
   present in the child zone.

7.  Security consideration

   This document describes requirements to design an automated key
   rollover in DNSSEC based on DNSSEC security.  In the same way as
   plain DNSSEC, automatic key rollover contains no mechanism
   protecting against denial of service (DoS).  The security level
   obtained after an automatic key rollover is the security level
   provided by DNSSEC.

8.  Acknowledgments

   The authors want to acknowledge Francis Dupont, Mohsen Souissi,
   Bernard Cousin, Bertrand Léonard and members of the IDsA project for
   their contribution to this document.

9.  Normative References

   [1]  Gudmundsson, O., "Delegation Signer (DS) Resource Record (RR)",
        RFC 3658, December 2003.

   [2]  Kolkman, O., Schlyter, J. and E. Lewis, "Domain Name System KEY
        (DNSKEY) Resource Record (RR) Secure Entry Point (SEP) Flag",
        RFC 3757, May 2004.

   [3]  Kolkman, O., "DNSSEC Operational Practices",
        draft-ietf-dnsop-dnssec-operational-practice-01 (work in
        progress), May 2004.

   [4]  Eastlake, D., "Domain Name System Security Extensions",
        RFC 2535, March 1999.

   [5]  Eastlake, D., "DNS Request and Transaction Signatures
        ( SIG(0)s )", RFC 2931, September 2000.

   [6]  Vixie, P., Gudmundsson, O., Eastlake, D. and B. Wellington,
        "Secret Key Transaction Authentication for DNS (TSIG)",
        RFC 2845, May 2000.

   [7]  Arends, R., "Resource Records for the DNS Security Extensions",
        draft-ietf-dnsext-dnssec-records-09 (work in progress),
        July 2004.

   [8]  Arends, R., Austein, R., Massey, D., Larson, M. and S. Rose,
        "DNS Security Introduction and Requirements",
        draft-ietf-dnsext-dnssec-intro-11 (work in progress), July 2004.

   [9]  Arends, R., "Protocol Modifications for the DNS Security
        Extensions", draft-ietf-dnsext-dnssec-protocol-07 (work in
        progress), July 2004.

Authors' Addresses

   Gilles Guette
   IRISA / INRIA
   Campus de Beaulieu
   35042 Rennes CEDEX
   FR

   EMail: gilles.guette@irisa.fr
   URI:   http://www.irisa.fr

   Olivier Courtay
   Thomson R&D
   1, avenue Belle Fontaine
   35510 Cesson Sévigné CEDEX
   FR

   EMail: olivier.courtay@thomson.net

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

   Copyright (C) The Internet Society (2004).  This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.