rfc9364.original   rfc9364.txt 
Network Working Group P. Hoffman Internet Engineering Task Force (IETF) P. Hoffman
Internet-Draft ICANN Request for Comments: 9364 ICANN
Intended status: Best Current Practice 24 October 2022 BCP: 237 February 2023
Expires: 27 April 2023 Category: Best Current Practice
ISSN: 2070-1721
DNS Security Extensions (DNSSEC) DNS Security Extensions (DNSSEC)
draft-ietf-dnsop-dnssec-bcp-06
Abstract Abstract
This document describes the DNS security extensions (commonly called This document describes the DNS Security Extensions (commonly called
"DNSSEC") that are specified RFCs 4033, 4034, 4035, and a handful of "DNSSEC") that are specified in RFCs 4033, 4034, and 4035, as well as
others. One purpose is to introduce all of the RFCs in one place so a handful of others. One purpose is to introduce all of the RFCs in
that the reader can understand the many aspects of DNSSEC. This one place so that the reader can understand the many aspects of
document does not update any of those RFCs. A second purpose is to DNSSEC. This document does not update any of those RFCs. A second
state that using DNSSEC for origin authentication of DNS data is the purpose is to state that using DNSSEC for origin authentication of
best current practice. A third purpose is to provide a single DNS data is the best current practice. A third purpose is to provide
reference for other documents that want to refer to DNSSEC. a single reference for other documents that want to refer to DNSSEC.
This document is currently maintained at
https://github.com/paulehoffman/draft-hoffman-dnssec. Issues and
pull requests are welcomed.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This memo documents an Internet Best Current Practice.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
BCPs is available in Section 2 of RFC 7841.
This Internet-Draft will expire on 27 April 2023. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9364.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. Code Components carefully, as they describe your rights and restrictions with respect
extracted from this document must include Revised BSD License text as to this document. Code Components extracted from this document must
described in Section 4.e of the Trust Legal Provisions and are include Revised BSD License text as described in Section 4.e of the
provided without warranty as described in the Revised BSD License. Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction
1.1. DNSSEC as a Best Current Practice . . . . . . . . . . . . 3 1.1. DNSSEC as a Best Current Practice
1.2. Implementing DNSSEC . . . . . . . . . . . . . . . . . . . 3 1.2. Implementing DNSSEC
2. DNSSEC Core Documents . . . . . . . . . . . . . . . . . . . . 3 2. DNSSEC Core Documents
2.1. Addition to the DNSSEC Core . . . . . . . . . . . . . . . 4 2.1. Addition to the DNSSEC Core
3. Additional Cryptographic Algorithms and DNSSEC . . . . . . . 4 3. Additional Cryptographic Algorithms and DNSSEC
4. Extensions to DNSSEC . . . . . . . . . . . . . . . . . . . . 5 4. Extensions to DNSSEC
5. Additional Documents of Interest . . . . . . . . . . . . . . 5 5. Additional Documents of Interest
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 6. IANA Considerations
7. Security Considerations . . . . . . . . . . . . . . . . . . . 7 7. Security Considerations
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. References
8.1. Normative References . . . . . . . . . . . . . . . . . . 7 8.1. Normative References
8.2. Informative References . . . . . . . . . . . . . . . . . 8 8.2. Informative References
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 11 Acknowledgements
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 Author's Address
1. Introduction 1. Introduction
The core specification for what we know as DNSSEC (the combination of The core specification for what we know as DNSSEC (the combination of
[RFC4033], [RFC4034], and [RFC4035]) describes a set of protocols [RFC4033], [RFC4034], and [RFC4035]) describes a set of protocols
that provide origin authentication of DNS data. [RFC6840] updates that provide origin authentication of DNS data. [RFC6840] updates
and extends those core RFCs, but does not fundamentally change the and extends those core RFCs but does not fundamentally change the way
way that DNSSEC works. that DNSSEC works.
This document lists RFCs that should be considered by someone This document lists RFCs that should be considered by someone
creating an implementation of, or someone deploying, DNSSEC as it is creating an implementation of, or someone deploying, DNSSEC as it is
currently standardized. Although an effort was made to be thorough, currently standardized. Although an effort was made to be thorough,
the reader should not assume this list is comprehensive. It uses the reader should not assume this list is comprehensive. It uses
terminology from those documents without defining that terminology. terminology from those documents without defining that terminology.
It also points to the relevant IANA registry groups that relate to It also points to the relevant IANA registry groups that relate to
DNSSEC. It does not, however, point to standards that rely on zones DNSSEC. It does not, however, point to standards that rely on zones
needing to be signed by DNSSEC such as DANE [RFC6698]. needing to be signed by DNSSEC, such as DNS-Based Authentication of
Named Entities (DANE) [RFC6698].
1.1. DNSSEC as a Best Current Practice 1.1. DNSSEC as a Best Current Practice
Using the DNSSEC set of protocols is the best current practice for Using the DNSSEC set of protocols is the best current practice for
adding origin authentication of DNS data. To date, no standards- adding origin authentication of DNS data. To date, no Standards
track RFCs offer any other method for such origin authentication of Track RFCs offer any other method for such origin authentication of
data in the DNS. data in the DNS.
More than 15 years after the DNSSEC specification was published, it More than 15 years after the DNSSEC specification was published, it
is still not widely deployed. Recent estimates are that fewer than is still not widely deployed. Recent estimates are that fewer than
10% of the domain names used for web sites are signed, and only 10% of the domain names used for websites are signed, and only around
around a third of queries to recursive resolvers are validated. a third of queries to recursive resolvers are validated. However,
However, this low level of deployment does not affect whether using this low level of deployment does not affect whether using DNSSEC is
DNSSEC is a best current practice; it just indicates that the value a best current practice; it just indicates that the value of
of deploying DNSSEC is often considered lower than the cost. deploying DNSSEC is often considered lower than the cost.
Nonetheless, the significant deployment of DNSSEC beneath some top- Nonetheless, the significant deployment of DNSSEC beneath some top-
level domains (TLDs), and the near-universal deployment of DNSSEC for level domains (TLDs) and the near-universal deployment of DNSSEC for
the TLDs in the DNS root zone, demonstrate that DNSSEC is applicable the TLDs in the DNS root zone demonstrate that DNSSEC is applicable
for implementation by both ordinary and highly sophisticated domain for implementation by both ordinary and highly sophisticated domain
owners. owners.
1.2. Implementing DNSSEC 1.2. Implementing DNSSEC
Developers of validating resolvers and authoritative servers, as well Developers of validating resolvers and authoritative servers, as well
as operators of validating resolvers and authoritative servers, need as operators of validating resolvers and authoritative servers, need
to know the parts of the DNSSEC protocol that would affect them. to know the parts of the DNSSEC protocol that would affect them.
They should read the DNSSEC core documents, and probably at least be They should read the DNSSEC core documents and probably at least be
familiar with the extensions. Developers will probably need to be familiar with the extensions. Developers will probably need to be
very familiar with the algorithm documents as well. very familiar with the algorithm documents as well.
As a side note, some of the DNSSEC-related RFCs have significant As a side note, some of the DNSSEC-related RFCs have significant
errata, so reading the RFCs should also include looking for the errata, so reading the RFCs should also include looking for the
related errata. related errata.
2. DNSSEC Core Documents 2. DNSSEC Core Documents
What we refer to as "DNSSEC" is the third iteration of the DNSSEC What we refer to as "DNSSEC" is the third iteration of the DNSSEC
skipping to change at page 3, line 52 skipping to change at line 133
Earlier iterations have not been deployed on a significant scale. Earlier iterations have not been deployed on a significant scale.
Throughout this document, "DNSSEC" means the protocol initially Throughout this document, "DNSSEC" means the protocol initially
defined in [RFC4033], [RFC4034], and [RFC4035]. defined in [RFC4033], [RFC4034], and [RFC4035].
The three initial core documents generally cover different topics: The three initial core documents generally cover different topics:
* [RFC4033] is an overview of DNSSEC, including how it might change * [RFC4033] is an overview of DNSSEC, including how it might change
the resolution of DNS queries. the resolution of DNS queries.
* [RFC4034] specifies the DNS resource records used in DNSSEC. It * [RFC4034] specifies the DNS resource records used in DNSSEC. It
obsoletes many RFCs for earlier versions of DNSSEC. obsoletes many RFCs about earlier versions of DNSSEC.
* [RFC4035] covers the modifications to the DNS protocol incurred by * [RFC4035] covers the modifications to the DNS protocol incurred by
DNSSEC. These include signing zones, serving signed zones, DNSSEC. These include signing zones, serving signed zones,
resolving in light of DNSSEC, and authenticating DNSSEC-signed resolving in light of DNSSEC, and authenticating DNSSEC-signed
data. data.
At the time this set of core documents was published, someone could At the time this set of core documents was published, someone could
create a DNSSEC implementation of signing software, of an DNSSEC- create a DNSSEC implementation of signing software, of a DNSSEC-aware
aware authoritative server, and/or a DNSSEC-aware recursive resolver authoritative server, and/or of a DNSSEC-aware recursive resolver
from the three core documents, plus a few older RFCs specifying the from the three core documents, plus a few older RFCs specifying the
cryptography used. Those two older documents are: cryptography used. Those two older documents are the following:
* [RFC2536] defines how to use the DSA signature algorithm (although * [RFC2536] defines how to use the DSA signature algorithm (although
it refers to other documents for the details). DSA was thinly it refers to other documents for the details). DSA was thinly
implemented and can safely be ignored by DNSSEC implementations. implemented and can safely be ignored by DNSSEC implementations.
* [RFC3110] defines how to use the RSA signature algorithm (although * [RFC3110] defines how to use the RSA signature algorithm (although
refers to other documents for the details). RSA is still among refers to other documents for the details). RSA is still among
the most popular signing algorithm for DNSSEC. the most popular signing algorithms for DNSSEC.
It is important to note that later RFCs update the core documents. It is important to note that later RFCs update the core documents.
As just one example, [RFC9077] changes how TTL values are calculated As just one example, [RFC9077] changes how TTL values are calculated
in DNSSEC processing. in DNSSEC processing.
2.1. Addition to the DNSSEC Core 2.1. Addition to the DNSSEC Core
As with any major protocol, developers and operators discovered As with any major protocol, developers and operators discovered
issues with the original core documents over the years. [RFC6840] is issues with the original core documents over the years. [RFC6840] is
an omnibus update to the original core documents and thus itself has an omnibus update to the original core documents and thus itself has
become a core document. In addition to covering new requirements become a core document. In addition to covering new requirements
from new DNSSEC RFCs, it describes many important security and from new DNSSEC RFCs, it describes many important security and
interoperability issues that arose during the deployment of the interoperability issues that arose during the deployment of the
initial specifications, particularly after the DNS root was signed in initial specifications, particularly after the DNS root was signed in
2010. It also lists some errors in the examples of the core 2010. It also lists some errors in the examples of the core
specifications. specifications.
[RFC6840] brings a few additions into the core of DNSSEC. It makes [RFC6840] brings a few additions into the core of DNSSEC. It makes
NSEC3 [RFC5155] as much a part of DNSSEC as NSEC is. It also makes NSEC3 [RFC5155] as much a part of DNSSEC as NSEC is. It also makes
the SHA-2 hash function defined in [RFC4509] and [RFC5702] part of the SHA-256 and SHA-512 hash functions defined in [RFC4509] and
the core. [RFC5702] part of the core.
3. Additional Cryptographic Algorithms and DNSSEC 3. Additional Cryptographic Algorithms and DNSSEC
Current cryptographic algorithms typically weaken over time as Current cryptographic algorithms typically weaken over time as
computing power improves and new cryptoanalysis emerges. Two new computing power improves and new cryptoanalysis emerges. Two new
signing algorithms have been adopted by the DNSSEC community: ECDSA signing algorithms have been adopted by the DNSSEC community:
[RFC6605] and EdDSA [RFC8080]. ECDSA and EdDSA have become very Elliptic Curve Digital Signature Algorithm (ECDSA) [RFC6605] and
popular signing algorithms in recent years. The GOST signing Edwards-curve Digital Signature Algorithm (EdDSA) [RFC8080]. ECDSA
algorithm [I-D.ietf-dnsop-rfc5933-bis] was also adopted, but has seen and EdDSA have become very popular signing algorithms in recent
very limited use, likely because it is a national algorithm specific years. The GOST signing algorithm [GOST-SIGN] was also adopted but
to a very small number of countries. has seen very limited use, likely because it is a national algorithm
specific to a very small number of countries.
Implementation developers who want to know which algorithms to Implementation developers who want to know which algorithms to
implement in DNSSEC software should refer to [RFC8624]. Note that implement in DNSSEC software should refer to [RFC8624]. Note that
this specification is only about what algorithms should and should this specification is only about what algorithms should and should
not be included in implementations: it is not advice for which not be included in implementations, i.e., it is not advice about
algorithms that zone operators should and should not sign with, nor which algorithms zone operators should or should not use for signing,
which algorithms recursive resolver operators should or should not be nor which algorithms recursive resolver operators should or should
used for validation. not use for validation.
4. Extensions to DNSSEC 4. Extensions to DNSSEC
The DNSSEC community has extended the DNSSEC core and the The DNSSEC community has extended the DNSSEC core and the
cryptographic algorithms both in terms of describing good operational cryptographic algorithms, both in terms of describing good
practices and in new protocols. Some of the RFCs that describe these operational practices and in new protocols. Some of the RFCs that
extensions include: describe these extensions include the following:
* [RFC5011] describes a method to help resolvers update their DNSSEC * [RFC5011] describes a method to help resolvers update their DNSSEC
trust anchors in an automated fashion. This method was used in trust anchors in an automated fashion. This method was used in
2018 to update the DNS root trust anchor. 2018 to update the DNS root trust anchor.
* [RFC6781] is a compendium of operational practices that may not be * [RFC6781] is a compendium of operational practices that may not be
obvious from reading just the core specifications. obvious from reading just the core specifications.
* [RFC7344] describes using the CDS and CDNSKEY resource records to * [RFC7344] describes using the CDS and CDNSKEY resource records to
help automate the maintenance of DS records in the parents of help automate the maintenance of DS records in the parents of
signed zones. signed zones.
* [RFC8078] extends [RFC7344] by showing how to do initial setup of * [RFC8078] extends [RFC7344] by showing how to do initial setup of
trusted relationships between signed parent and child zones. trusted relationships between signed parent and child zones.
* [RFC8198] describes how a validating resolver can emit fewer * [RFC8198] describes how a validating resolver can emit fewer
queries in signed zones that use NSEC and NSEC3 for negative queries in signed zones that use NSEC and NSEC3 for negative
caching. caching.
* [RFC9077] updates [RFC8198] with respect to the time-to-live (TTL) * [RFC9077] updates [RFC8198] with respect to the TTL fields in
fields in signed records. signed records.
5. Additional Documents of Interest 5. Additional Documents of Interest
The documents listed above constitute the core of DNSSEC, the The documents listed above constitute the core of DNSSEC, the
additional cryptographic algorithms, and the major extensions to additional cryptographic algorithms, and the major extensions to
DNSSEC. This section lists some additional documents that someone DNSSEC. This section lists some additional documents that someone
interested in implementing or operating DNSSEC might find of value. interested in implementing or operating DNSSEC might find of value:
* [RFC4470] "describes how to construct DNSSEC NSEC resource records * [RFC4470] "describes how to construct DNSSEC NSEC resource records
that cover a smaller range of names than called for by [RFC4034]. that cover a smaller range of names than called for by [RFC4034].
By generating and signing these records on demand, authoritative By generating and signing these records on demand, authoritative
name servers can effectively stop the disclosure of zone contents name servers can effectively stop the disclosure of zone contents
otherwise made possible by walking the chain of NSEC records in a otherwise made possible by walking the chain of NSEC records in a
signed zone.". signed zone".
* [RFC6975] "specifies a way for validating end-system resolvers to * [RFC6975] "specifies a way for validating end-system resolvers to
signal to a server which digital signature and hash algorithms signal to a server which digital signature and hash algorithms
they support". they support".
* [RFC7129] "provides additional background commentary and some * [RFC7129] "provides additional background commentary and some
context for the NSEC and NSEC3 mechanisms used by DNSSEC to context for the NSEC and NSEC3 mechanisms used by DNSSEC to
provide authenticated denial-of-existence responses". This provide authenticated denial-of-existence responses". This
background is particularly important for understanding NSEC and background is particularly important for understanding NSEC and
NSEC3 usage. NSEC3 usage.
skipping to change at page 6, line 40 skipping to change at line 265
has used to distribute the DNSSEC trust anchors". has used to distribute the DNSSEC trust anchors".
* [RFC8027] "describes problems that a Validating DNS resolver, * [RFC8027] "describes problems that a Validating DNS resolver,
stub-resolver, or application might run into within a non- stub-resolver, or application might run into within a non-
compliant infrastructure". compliant infrastructure".
* [RFC8145] "specifies two different ways for validating resolvers * [RFC8145] "specifies two different ways for validating resolvers
to signal to a server which keys are referenced in their chain of to signal to a server which keys are referenced in their chain of
trust". trust".
* [RFC8499] is a list of terminology used when talking about the * [RFC8499] contains lists of terminology used when talking about
DNS; sections 10 and 11 cover DNSSEC. DNS; Sections 10 and 11 cover DNSSEC.
* [RFC8509] "specifies a mechanism that will allow an end user and * [RFC8509] "specifies a mechanism that will allow an end user and
third parties to determine the trusted key state for the root key third parties to determine the trusted key state for the root key
of the resolvers that handle that user's DNS queries". of the resolvers that handle that user's DNS queries".
* [RFC8901] "presents deployment models that accommodate this * [RFC8901] "presents deployment models that accommodate this
scenario [when each DNS provider independently signs zone data scenario [when each DNS provider independently signs zone data
with their own keys] and describes these key-management with their own keys] and describes these key-management
requirements". requirements".
skipping to change at page 8, line 32 skipping to change at line 352
DOI 10.17487/RFC5702, October 2009, DOI 10.17487/RFC5702, October 2009,
<https://www.rfc-editor.org/info/rfc5702>. <https://www.rfc-editor.org/info/rfc5702>.
[RFC6840] Weiler, S., Ed. and D. Blacka, Ed., "Clarifications and [RFC6840] Weiler, S., Ed. and D. Blacka, Ed., "Clarifications and
Implementation Notes for DNS Security (DNSSEC)", RFC 6840, Implementation Notes for DNS Security (DNSSEC)", RFC 6840,
DOI 10.17487/RFC6840, February 2013, DOI 10.17487/RFC6840, February 2013,
<https://www.rfc-editor.org/info/rfc6840>. <https://www.rfc-editor.org/info/rfc6840>.
8.2. Informative References 8.2. Informative References
[I-D.ietf-dnsop-rfc5933-bis] [GOST-SIGN]
Belyavsky, D., Dolmatov, V., and B. Makarenko, "Use of Belyavsky, D., Dolmatov, V., Ed., and B. Makarenko, Ed.,
GOST 2012 Signature Algorithms in DNSKEY and RRSIG "Use of GOST 2012 Signature Algorithms in DNSKEY and RRSIG
Resource Records for DNSSEC", Work in Progress, Internet- Resource Records for DNSSEC", Work in Progress, Internet-
Draft, draft-ietf-dnsop-rfc5933-bis-12, 23 October 2022, Draft, draft-ietf-dnsop-rfc5933-bis-13, 30 November 2022,
<https://www.ietf.org/archive/id/draft-ietf-dnsop-rfc5933- <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-
bis-12.txt>. rfc5933-bis-13>.
[RFC2065] Eastlake 3rd, D. and C. Kaufman, "Domain Name System [RFC2065] Eastlake 3rd, D. and C. Kaufman, "Domain Name System
Security Extensions", RFC 2065, DOI 10.17487/RFC2065, Security Extensions", RFC 2065, DOI 10.17487/RFC2065,
January 1997, <https://www.rfc-editor.org/info/rfc2065>. January 1997, <https://www.rfc-editor.org/info/rfc2065>.
[RFC2535] Eastlake 3rd, D., "Domain Name System Security [RFC2535] Eastlake 3rd, D., "Domain Name System Security
Extensions", RFC 2535, DOI 10.17487/RFC2535, March 1999, Extensions", RFC 2535, DOI 10.17487/RFC2535, March 1999,
<https://www.rfc-editor.org/info/rfc2535>. <https://www.rfc-editor.org/info/rfc2535>.
[RFC2536] Eastlake 3rd, D., "DSA KEYs and SIGs in the Domain Name [RFC2536] Eastlake 3rd, D., "DSA KEYs and SIGs in the Domain Name
skipping to change at page 11, line 28 skipping to change at line 489
[RFC9157] Hoffman, P., "Revised IANA Considerations for DNSSEC", [RFC9157] Hoffman, P., "Revised IANA Considerations for DNSSEC",
RFC 9157, DOI 10.17487/RFC9157, December 2021, RFC 9157, DOI 10.17487/RFC9157, December 2021,
<https://www.rfc-editor.org/info/rfc9157>. <https://www.rfc-editor.org/info/rfc9157>.
[RFC9276] Hardaker, W. and V. Dukhovni, "Guidance for NSEC3 [RFC9276] Hardaker, W. and V. Dukhovni, "Guidance for NSEC3
Parameter Settings", BCP 236, RFC 9276, Parameter Settings", BCP 236, RFC 9276,
DOI 10.17487/RFC9276, August 2022, DOI 10.17487/RFC9276, August 2022,
<https://www.rfc-editor.org/info/rfc9276>. <https://www.rfc-editor.org/info/rfc9276>.
Appendix A. Acknowledgements Acknowledgements
The DNS world owes a depth of gratitude to the authors and other The DNS world owes a depth of gratitude to the authors and other
contributors to the core DNSSEC documents, and to the notable DNSSEC contributors to the core DNSSEC documents and to the notable DNSSEC
extensions. extensions.
In addition, the following people made significant contributions to In addition, the following people made significant contributions to
early versions of this document: Ben Schwartz and Duane Wessels. early draft versions of this document: Ben Schwartz and Duane
Wessels.
Author's Address Author's Address
Paul Hoffman Paul Hoffman
ICANN ICANN
Email: paul.hoffman@icann.org Email: paul.hoffman@icann.org
 End of changes. 32 change blocks. 
100 lines changed or deleted 97 lines changed or added

This html diff was produced by rfcdiff 1.48.