Report information
The Basics
Id: 44755
Status: resolved
Priority: Medium/Medium
Queue: BugTracker
Version Fixed: 9.12.0
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: 9.12
Priority: P1 High
Severity: S3 Low
CVSS Score: (no value)
CVE ID: (no value)
Component: (no value)
Area: feature

Dates
Created: Fri, 24 Feb 2017 11:18:26 -0500
Updated: Mon, 18 Sep 2017 20:03:27 -0400
Closed: Mon, 18 Sep 2017 20:03:27 -0400




Subject: Change the RSA default hash to SHA-256 for 9.12
A SHA-1 collision was found so we should change the default for the next release (9.12 as it is too late for 9.11 and there is no emergency).
I've made parallel changes in dnssec-keyfromlabel now, and fixed the system tests that relied on default values. Can I get a final review?
Ping. Someone please review this?
On Mon Aug 21 01:51:38 2017, muks wrote:
> Don't introduce the RSA256 and RSA512 mnemonics as 256 and 512 are
> associated with SHA-2 family of hash functions and are confusing with
> just RSA.

Fair point. My thought was, even though there's no standards support for abbreviations, it would improve usability with the longer and harder-to-remember algorithm names, but you're right those are ambiguous and should go. I've pushed that change now.

Are you okay with ECDSA256 and ECDSA384, though? I find the full expansions of those algorithms almost impossible to remember and usually have to look them up and then cut and paste. But if you object I'll remove the abbreviations for those as well.
Date: Sat, 26 Aug 2017 11:48:43 +0530
To: "Evan Hunt via RT" <bind9-public@isc.org>
From: "Mukund Sivaraman" <muks@isc.org>
Subject: Re: [ISC-Bugs #44755] Remove the default hash setting for RSA in 9.12
Hi Evan

On Thu, Aug 24, 2017 at 08:48:16PM +0000, Evan Hunt via RT wrote:
> On Mon Aug 21 01:51:38 2017, muks wrote:
> > Don't introduce the RSA256 and RSA512 mnemonics as 256 and 512 are
> > associated with SHA-2 family of hash functions and are confusing with
> > just RSA.
>
> Fair point. My thought was, even though there's no standards support for
> abbreviations, it would improve usability with the longer and harder-to-
> remember algorithm names, but you're right those are ambiguous and should
> go. I've pushed that change now.
>
> Are you okay with ECDSA256 and ECDSA384, though? I find the full expansions
> of those algorithms almost impossible to remember and usually have to look
> them up and then cut and paste. But if you object I'll remove the abbreviations
> for those as well.

In the case of ECDSA algorithms, the hash output and public key sizes match. I'm not pushing it, but if you ask for my opinion, I'll say just stick to the IANA table mnemonics. There could be an ECDSA SHA-3 combination with matching sizes again, to prepare if something happens to SHA-2, but it's unlikely there'll be any other combinations. An admin looking to use these would look for the standard algorithm mnemonic instead of a BIND specific one. If short forms are desired, better to ask for it on dnsop@ and get more opinion on it, and it will also be the same across implementations if it gets into the table. Anyway you're aware of what the concern is, so use your judgement. :)

Mukund
4594. [func] dnssec-keygen no longer uses RSASHA1 by default;
             the signing algorithm must be specified on
             the command line with the "-a" option. Signing
             scripts that rely on the existing default behavior
             will break; use "dnssec-keygen -a RSASHA1" to
             repair them. (The goal of this change is to make
             it easier to find scripts using RSASHA1 so they
             can be changed in the event of that algorithm
             being deprecated in the future.) [RT #44755]

9.12.0

This necessitated changing a number of system tests that used dnssec-keygen with the default algorithm, so I'm putting this ticket in the qa queue to make sure those changes were all correct. There were no new tests added.
Looks fine to me. Resolving.

On Wed Aug 30 18:58:15 2017, each wrote:
> 4594. [func] dnssec-keygen no longer uses RSASHA1 by default;
> the signing algorithm must be specified on
> the command line with the "-a" option. Signing
> scripts that rely on the existing default behavior
> will break; use "dnssec-keygen -a RSASHA1" to
> repair them. (The goal of this change is to make
> it easier to find scripts using RSASHA1 so they
> can be changed in the event of that algorithm
> being deprecated in the future.) [RT #44755]
>
> 9.12.0
>
> This necessitated changing a number of system tests that used dnssec-keygen
> with the default algorithm, so I'm putting this ticket in the qa queue to
> make sure those changes were all correct. There were no new tests added.
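
The CHANGES entry in this ticket says scripts that relied on the old default will break and that explicit RSASHA1 use should be easy to find. As an added example (not ISC code and not part of the ticket), the audit below scans a shell script for dnssec-keygen and dnssec-keyfromlabel calls that pass no "-a" or that name a SHA-1-based algorithm. The function names, the sample script and the inclusion of NSEC3RSASHA1 alongside RSASHA1 are assumptions made here.

```python
import re
import shlex
from itertools import takewhile

# Tool names are from the ticket; SHA-1 mnemonics are from the IANA DNSSEC table.
TOOL = re.compile(r"(?:^|[^\w\s-])(dnssec-keygen|dnssec-keyfromlabel)$")
SHA1_ALGS = {"RSASHA1", "NSEC3RSASHA1"}
SHELL_OPS = {"|", "||", "&&", ";"}

def logical_lines(text):
    """Yield (first line number, text) with backslash continuations folded."""
    buf, start = "", None
    for no, line in enumerate(text.splitlines(), 1):
        start = start or no
        if line.rstrip().endswith("\\"):
            buf += line.rstrip()[:-1] + " "
            continue
        yield start, buf + line
        buf, start = "", None

def audit(script_text):
    """Return (line, tool, finding) for calls with no -a or a SHA-1 algorithm."""
    findings = []
    for no, line in logical_lines(script_text):
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quotes: not a simple command line
            continue
        for i, tok in enumerate(tokens):
            m = TOOL.search(tok)
            if not m:
                continue
            args = list(takewhile(lambda t: t not in SHELL_OPS, tokens[i + 1:]))
            alg = next((v for a, v in zip(args, args[1:]) if a == "-a"), None)
            if alg is None:
                findings.append((no, m.group(1), "no -a: relies on the removed default"))
            elif alg.upper() in SHA1_ALGS:
                findings.append((no, m.group(1), "explicit " + alg.upper()))
    return findings

# Constructed sample signing script, not taken from the ticket.
SAMPLE = """\
#!/bin/sh
dnssec-keygen -b 2048 -n ZONE example.com
/usr/sbin/dnssec-keygen -a RSASHA1 -b 2048 \\
    -f KSK example.com
ksk=$(dnssec-keygen -a RSASHA256 -b 2048 -f KSK example.com)
echo "rerun dnssec-keygen"  # mentioned in text only, not a call
"""
```

Calls made through a shell variable (for example a `$KEYGEN` wrapper) are not resolved by this scan and need a separate look.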