Problems with TSIG/DNSSEC

Jim Reid jim at rfc1035.com
Thu Aug 16 21:42:38 UTC 2001


>>>>> "Kevin" == Kevin Darcy <kcd at daimlerchrysler.com> writes:

    Kevin> They have to be within a certain "fudge" of each other,
    Kevin> about 5 minutes or thereabouts.

    Kevin> The reason for giving limited lifetimes to crypto
    Kevin> signatures is so that there isn't enough time for the bad
    Kevin> guys to decrypt them.

This is true but irrelevant for TSIG. The timestamps in TSIG are
primarily there to prevent replay attacks. They're not (some sort of)
time to live values. RFC2845 says "TSIG is a meta-RR and MUST not be
cached" and "the TSIG RR is discarded once it has been used to
authenticate a DNS message". The "signatures" in TSIGs are essentially
MD5 hashes so it's practically impossible to figure out what shared
secret was used in the computation of the hash value.
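The replay window and keyed hash Jim describes, as an added Python example (not code from the list thread or from BIND): a server-side TSIG check in the order RFC 2845 section 4.5 gives, MAC first (HMAC-MD5 over the message plus the TSIG variables), then the Time Signed / Fudge window. The message bytes, key name and shared secret are constructed.

```python
import hashlib
import hmac
import struct

TSIG_ALG = "hmac-md5.sig-alg.reg.int."               # algorithm name from RFC 2845
RCODE_NOERROR, RCODE_BADSIG, RCODE_BADTIME = 0, 16, 18  # TSIG error codes, RFC 2845 4.5

def wire_name(name):
    """Encode a domain name in canonical (lower-case) wire format."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def tsig_digest_input(message, key_name, time_signed, fudge, error=0, other=b""):
    """Bytes the MAC covers (RFC 2845 3.4): the DNS message, assumed here to
    already have the TSIG RR removed and the original ID restored, followed
    by the TSIG variables (name, CLASS ANY, TTL 0, algorithm, 48-bit time
    signed, fudge, error, other data)."""
    return (message
            + wire_name(key_name)
            + struct.pack("!HI", 255, 0)
            + wire_name(TSIG_ALG)
            + struct.pack("!HI", time_signed >> 32, time_signed & 0xFFFFFFFF)
            + struct.pack("!HHH", fudge, error, len(other)) + other)

def sign(secret, message, key_name, time_signed, fudge=300):
    """Keyed hash (HMAC-MD5) over the message and TSIG variables: nothing is
    encrypted, so there is nothing for a third party to 'decrypt'."""
    data = tsig_digest_input(message, key_name, time_signed, fudge)
    return hmac.new(secret, data, hashlib.md5).digest()

def verify(secret, message, key_name, time_signed, fudge, mac, now):
    """Return the TSIG error code a server would report for this request."""
    expected = sign(secret, message, key_name, time_signed, fudge)
    if not hmac.compare_digest(mac, expected):
        return RCODE_BADSIG          # wrong secret or altered message
    if abs(now - time_signed) > fudge:
        return RCODE_BADTIME         # outside the replay window, even with a valid MAC
    return RCODE_NOERROR

if __name__ == "__main__":
    secret = b"constructed-shared-secret"     # constructed sample values
    msg = b"\x12\x34" + b"constructed dns message bytes"
    mac = sign(secret, msg, "key.example.", 1000000, 300)
    print(verify(secret, msg, "key.example.", 1000000, 300, mac, 1000100))  # 0
    print(verify(secret, msg, "key.example.", 1000000, 300, mac, 1000400))  # 18
```

A replayed request carries a valid MAC, so only the Fudge window (about five minutes in Kevin's description) rejects it; the MAC check alone would pass it.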
