Rolling the Root Zone DNSSEC Key Signing Key Edward Lewis AFRINIC25 November 2016

Similar documents
Rolling the Root Zone KSK. Matt Larson ICANN56 (Helsinki ) June 2016

Root Zone DNSSEC KSK Rollover

2017 DNSSEC KSK Rollover. Guillermo Cicileo LACNIC March 22, 2017

2017 DNSSEC KSK Rollover. DSSEC KSK Rollover

Root Zone DNSSEC KSK Rollover. DSSEC KSK Rollover

2017 Root DNSSEC KSK Rollover. NANOG 70 June 6, 2017

DNSSEC Trust tree: (A) ---dnslab.org. (DS keytag: 9247 dig (DNSKEY keytag. ---org. (DS keytag: d

Root KSK Rollover Update (or, We're really doing it this time)

DNSSEC Validators Requirements

RSA and ECDSA. Geoff Huston APNIC. #apricot2017

Root & TLD DNSSEC. Early Deployment Observations. Edward Lewis NANOG 56 October 23, Neustar, Inc.

Impact of Rolling the Root KSK. Ed Lewis NetNod October 2015

Managing the Root KSK Rollover, Step by Step for Operators

Root KSK Roll Delay Update

DNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific

That KSK Roll. Geoff Huston APNIC Labs

Algorithm for DNSSEC Trusted Key Rollover

ICANN Policy Update & KSK Rollover

Congratulations to Registries! New generic toplevel 500+ been delegated as a result of the New gtld Program. Many more gtlds are on the way.

ICANN and Technical Work: Really? Yes! Steve Crocker DNS Symposium, Madrid, 13 May 2017

Root KSK Roll Update Webinar

DENIC DNSSEC Testbed Software support for DNSSEC Ralf Weber

Reviewing New gtld Program Safeguards Against DNS Abuse. ICANN Operations and Policy Research 28 January 2016

Root Servers. Root hints file come in many names (db.cache, named.root, named.cache, named.ca) See root-servers.org for more detail

DNSSEC for the Root Zone. IETF 76 8 November 2009

DNS Security and DNSSEC in the root zone Luzern, Switzerland February 2010

Rolling the Root KSK. Geoff Huston. APNIC Labs. September 2017

DNSSEC in Switzerland 2 nd DENIC Testbed Meeting

Rolling the Root. Geoff Huston APNIC Labs March 2016

12 DNS Security Extensions DNS resolution via recursive nameserver DNS request/response format Simple DNS cache poisoning The Dan Kaminsky DNS

KSK Roll Prepping: RFC Presented at RIPE 71 DNS WG November 19, 2015

DNS Fundamentals. Steve Conte ICANN60 October 2017

RIPE Network Coordination Centre. K-root and DNSSEC. Wolfgang Nagele RIPE NCC.

The State and Challenges of the DNSSEC Deployment. Eric Osterweil Michael Ryan Dan Massey Lixia Zhang

Hoda Rohani Anastasios Poulidis Supervisor: Jeroen Scheerder. System and Network Engineering July 2014

Some DNSSEC thoughts. DNSOPS.JP BOF Interop Japan Geoff Huston Chief Scientist, APNIC June 2007

DNS Risk Framework Update

Universal Acceptance

Hands-on DNSSEC with DNSViz. Casey Deccio, Verisign Labs RIPE 72, Copenhagen May 23, 2016

When HTTPS Meets CDN: A Case of Authentication in Delegated Services. J. Liang, J. Jiang, H. Duan, K. Li, T. Wan, J. Wu

Afilias DNSSEC Practice Statement (DPS) Version

Root KSK Roll Delay Update

3. The DNSSEC Primer. Data Integrity (hashes) Authenticated Denial of Existence (NSEC,

DNSSEC for the Root Zone. ICANN 37 Nairobi March 2010

RSSAC Activities Update. Lars Johan Liman and Tripti Sinha RSSAC Chair ICANN-54 October 2015

Packet Traces from a Simulated Signed Root

DNSSEC All You Need To Know To Get Started

Deploying the IETF s WHOIS Protocol Replacement

Rights Protection Mechanisms: User Feedback Session

DNSSEC KSK-2010 Trust Anchor Signal Analysis

SecSpider: Distributed DNSSEC Monitoring and Key Learning

RDAP Implementation. Francisco Arias & Gustavo Lozano 21 October 2015

Scott Rose, NIST Winter JointTechs Meeting Jan 30, 2011 Clemson University

DNS SECurity Extensions technical overview

APNIC DNSSEC APNIC DNSSEC. Policy and Practice Statement. DNSSEC Policy and Practice Statement Page 1 of 12

DNSSEC DNS SECURITY EXTENSIONS INTRODUCTION TO DNSSEC FOR SECURING DNS QUERIES AND INFORMATION

DNSSEC for the Root Zone. IETF 76 Hiroshima November 2009

Table of Contents. DNS security basics. What DNSSEC has to offer. In what sense is DNS insecure? Why DNS needs to be secured.

Migrating an OpenDNSSEC signer (February 2016)

Re-engineering the DNS One Resolver at a Time. Paul Wilson Director General APNIC channeling Geoff Huston Chief Scientist

CIRA DNSSEC PRACTICE STATEMENT

RIPE NCC DNS Update. Wolfgang Nagele DNS Services Manager

Flexible Testbed for Recursive Resolver Software

A Longitudinal, End-to-End View of the DNSSEC Ecosystem

ICANN Start, Episode 1: Redirection and Wildcarding. Welcome to ICANN Start. This is the show about one issue, five questions:

Keeping DNS parents and children in sync at Internet Speed! Ólafur Guðmundsson

Toward Unspoofable Network Identifiers. CS 585 Fall 2009

Assessing and Improving the Quality of DNSSEC

Advanced Caching DNS Server

ccnso IANAWG: DNSSEC BRIEFING and Root Zone Signing (Part I) Date: 4th February 2008

.BIZ Agreement Appendix 10 Service Level Agreement (SLA) (22 August 2013)

DNS/DNSSEC Workshop. In Collaboration with APNIC and HKIRC Hong Kong. Champika Wijayatunga Regional Security Engagement Manager Asia Pacific

A Look at RFC 8145 Trust Anchor Signaling for the 2017 KSK Rollover

Multi Provider DNSSEC draft-huque-dnsop-multi-provider-dnssec-02. Shumon Huque March 22 nd 2018 DNSOP Working Group, IETF101, London, U.K.

An Overview of DNSSEC. Cesar Diaz! lacnic.net!

DNS Mark Kosters Carlos Martínez ARIN - LACNIC

Tyre Kicking the DNS. Testing Transport Considerations of Rolling Roots. Geoff Huston APNIC

DNSSEC for Humans and BIND 10. Paul Vixie Internet Systems Consortium June 9, 2011

Network Security - ISA 656 IPsec IPsec Key Management (IKE)

DNSSEC operational experiences and recommendations. Antti Ristimäki, CSC/Funet

Introduction to the Domain Name System

THE BRUTAL WORLD OF DNSSEC

DNSSEC for ISPs workshop João Damas

ICANN SSR Update. Save Vocea PacNOG17 Samoa 13 July 2015

The Performance of ECC Algorithms in DNSSEC: A Model-based Approach

ARIN Support for DNSSEC and RPKI. ION San Diego 11 December 2012 Pete Toscano, ARIN

Secure DNS (DNSSEC): A Tragedy in at Least Three Acts. Jim Reid

ROOT SERVERS MANAGEMENT AND SECURITY

GDS Resource Record: Generalization of the Delegation Signer Model

Internet Engineering Task Force (IETF) Request for Comments: Category: Best Current Practice ISSN: March 2017

Availability Problems in the DNSSEC Deployment. Eric Osterweil Dan Massey Lixia Zhang

ICANN proposal to sign the root. ICANN DNSSEC Workshop November 5, 2008, Cairo Dr. Richard Lamb

Documentation. Name Server Predelegation Check

ICANN DNSSEC Workshop Comcast s Operational Experiences 14 March 2012

Introduction to SSL. Copyright 2005 by Sericon Technology Inc.

Expires: June 16, 2004 VeriSign R. Austein ISC D. Massey USC/ISI S. Rose NIST December 17, 2003

5 DNS Security Extensions DNSSEC

A Security Evaluation of DNSSEC with NSEC Review

DNSSEC for the Root Zone. NZNOG Hamilton, NZ January 2010

Measuring ATR. Joao Damas Geoff March 2018

Transcription:

Rolling the Root Zone DNSSEC Key Signing Key Edward Lewis AFRINIC25 November 2016 edward.lewis@icann.org 1

Motivation for this talk ICANN is about to change an important configuration parameter in DNSSEC For a network operator, this may create a need for action This discussion is meant to inform: Why this is happening, what is happening, and when Highlighting: the availability of project plan documents 2

1 2 3 Trust Anchors & Root KSK Root Zone DNSSEC KSK Roll Project 3

DNS for Those Who Don't Like Protocols What is the IPv6 address for www.example.com.? www.example.com. is 2001:db8:: 4

DNSSEC for Those Who Don't Like Protocols What is the IPv6 address for www.example.com.? www.example.com. is 2001:db8:: Digital signature by example.com. 5

What is DNSSEC Validation? Validation includes the process of inspecting the digital signature and the data to verify the answer is the appropriate one The signature and data need a public key, a chain of keys, and a trust anchor Software tools today can do this when configured Validation is more than a cryptographic check Is the answer related to the question? Is the answer "fresh", replayed, and so on? 6

Why Bother? Why bother? The DNS protocol is gullible, easily fooled Forged answers in DNS can result in misdirected traffic Protect your DNS service, protect customers Validation is "self-protection" With DNSSEC as a base Extensions to secure email transfer (stop spam) Supplement to X.509 Certificate operations 7

Roles of Keys in DNSSEC DNSSEC has three kinds of records that, in some loose definition, hold cryptographic key data. The records exist because of the use of the data or "role"/"job" KSK Key Signing Key, produce signatures of keys ZSK Zone Signing Key, produces all other signatures DS Delegation Signer, a "pointer" to a key This was supposed to simplify DNS operations! 8

Crypto-checking a Signature www.example.com. is 2001:db8:: Digital signature by example.com. example.com. ZSK? OR 9

Trusting a Key example.com. ZSK The Root.COM example root KSK root ZSK com. DS com. KSK com. ZSK example.com. DS example.com. KSK 10

Over 1300 DNS - DNSSEC TLDs root KSK.NET.UK. 中国.ORG The Root.INFO.COM root ZSK com. DS net. DS org. DS lk. DS uk. DS.BR Over 1300 DS sets!.se +Over 500K in com....lk.nl 11

Anchor of the Chain of Trust The Root.COM example root KSK root ZSK com. DS com. KSK com. ZSK example.com. DS example.com. KSK example.com. ZSK 12

What is a Trust Anchor? Besides being the "top" of any DNSSEC validation process? A trust anchor is a key that an operator places full faith and trust into for the purposes of verifying responses It could be implicitly trusted because it came with the software It could be explicitly trusted via due diligence examination 13

Is the Root Zone KSK the Trust Anchor? Maybe It's really up to you By convention, there's a unique root zone, it has a KSK, for the global public Internet operated by ICANN By default, DNSSEC validation tools come configured with that KSK as the trust anchor But a user of the tools can add other trust anchors 14

1 2 3 Trust Anchors & Root KSK Root Zone DNSSEC KSK Roll Project 15

DNSSEC in the Root Zone DNSSEC in the Root Zone is managed by: ICANN, responsible for operating the root KSK Verisign, responsible for operating the root ZSK Operating the KSK KSK lifecycle management, "sign the ZSK" Operating the ZSK ZSK lifecycle management, "sign the root zone" Activities are coordinated but operated separately 16

Current Root KSK The current root KSK was created in 2010 Stored in Hardware Security Modules in two Key Management Facilities The operations surrounding the key is an entirely different talk 17

Getting the Root KSK (Public portion only!) Via the DNS As reliable as the data in unprotected DNS (Works if you not subject to an "attack") Via the Web https://data.iana.org/root-anchors/rootanchors.xml Secured by an X.509 certificate and signature Via other means Code Presentations, t-shirts, friends Always remember to check the legitimacy! 18

Changing the Root KSK There is a plan in place to change the root KSK For the first time This plan is precedent setting Because it involves an uncountable roster of participants and impacted parties When ICANN changes the KSK on our end - Anyone who (anonymously) relies on it has to change a configuration on their end No one can list all those involved unless something goes wrong 19

Why (rock the boat)? Good cryptographic hygiene Secrets don't remain secret forever Good operational hygiene Have a plan, complete enough to execute Exercise the plan under normal circumstances Why not a private test? The change of the KSK involves everyone doing DNSSEC validation on the Internet, service operators, software producers 20

Bottom Line Changing the root KSK will impact just about all DNSSEC validations If the trust anchor is "misconfigured" (i.e., the wrong key) DNSSEC will reject legitimate responses To anyone or any process relying on DNS, it will appear that the desired data is unavailable, website is unreachable, "the Internet is down" There's a broader topic of trust anchor maintenance, but that is for another time 21

1 2 3 Trust Anchors & Root KSK Root Zone DNSSEC KSK Roll Project 22

The KSK Rollover Project and Network Operators The project is meaningful to you if you are performing DNSSEC validation Geoff Huston stats: steady 15% world wide DNSSEC signing is not affected If you are validating it's time to revisit configurations and processes A root KSK roll hasn't happened before, it's new to all of us 23

The KSK Rollover Plan Documents Available at: https://www.icann.org/kskroll 2017 KSK Rollover Operational Implementation Plan 2017 KSK Rollover Systems Test Plan 2017 KSK Rollover Monitoring Plan 2017 KSK Rollover External Test Plan 2017 KSK Rollover Back Out Plan We encourage interested folks to given them a read 24

Overview of Project Plans Plans say - On October 11, 2017 a new KSK will go into use and the current KSK retired On this day, if preparations haven't been made, trouble will ensue Plans include Retaining the current cryptography settings Following Automated Updates of DNSSEC Trust Anchors Fitting the roll into normal maintenance events Testing and monitoring 25

The Project's DNS Response Size Concerns Significant DNS responses will grow to 1425 bytes during the project Experimentation, especially in IPv6, suggests this might be a concern despite empirical evidence to the contrary How to avoid potential problems Where UDP is allowed to port 53, also allow TCP Refrain from filtering DNS messages based on size 26

IPv6 fragmentation and DNS IPv6 fragmentation is done by the sender with intermediate nodes using ICMP to indicate a fragment as being "too big" By the time the DNS sender gets the ICMP, DNS has forgotten what it had sent From Geoff Huston experiments and analysis http://www.potaroo.net/ispcol/2016-05/v6frags.html TCP over IPv6 use an MTU of 1,280 bytes UDP has marginal advantages with using larger MTU, "but" 27

Dates to Watch September 19, 2017 The root zone DNSKEY set will increase to 1414 bytes for 20 days, prior to that date 1139 bytes has been the high water mark October 11, 2017 On this date the root zone DNSKEY set will be signed only by the new KSK January 11, 2018 The root zone DNSKEY set will increase to 1425 bytes for 20 days 28

Trust Anchor Management How do you trust and configure? Are trust anchors subject to configuration control? Rely on embedded data in software? Are DNSSEC validation failures monitored? Automated Updates of DNSSEC Trust Anchors Most direct, reliable means for getting the key Negative Trust Anchor management RFC 7646 Protects against errors made by others 29

Tools & Testbeds We are working with DNS software and tool developers and distributors Management/troubleshooting aids Updates of bundled keys Testbeds for Code Developers Automated updates: http://keyroll.systems/ Root zone model: https://www.toot-servers.net/ Testbeds for Service Operators I.e., using "off-the-shelf" parameters Planned for end-of-2016 30

For More Information Join the ksk-rollover@icann.org mailing list: https://mm.icann.org/listinfo/ksk-rollover Follow on Twitter @ICANN Hashtag: #KeyRoll Visit the web page: https://www.icann.org/kskroll 31

Engage with ICANN Thank You and Questions Reach me at: Email: ksk-rollover@icann.org Website: icann.org/kskroll twitter.com/icann gplus.to/icann facebook.com/icannorg weibo.com/icannorg linkedin.com/company/icann flickr.com/photos/icann youtube.com/user/icannnews slideshare.net/icannpresentations 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback