From: Suresh K <hs...@us...> - 2006-03-10 20:37:49
Update of /cvsroot/dnssec-tools/htdocs/docs In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29948 Modified Files: trust-anchor-comparison.htm Log Message: Added links for different documents Index: trust-anchor-comparison.htm =================================================================== RCS file: /cvsroot/dnssec-tools/htdocs/docs/trust-anchor-comparison.htm,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** trust-anchor-comparison.htm 10 Mar 2006 19:03:41 -0000 1.1 --- trust-anchor-comparison.htm 10 Mar 2006 20:37:27 -0000 1.2 *************** *** 1 **** ! <html> <head> <meta http-equiv=Content-Type content="text/html; charset=macintosh"> <meta name=ProgId content=Excel.Sheet> <meta name=Generator content="Microsoft Excel 11"> <style> <!--table {} .style0 {text-align:general; vertical-align:bottom; white-space:nowrap; color:windowtext; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:none; font-family:Verdana; border:none;} td {padding-top:1px; padding-right:1px; padding-left:1px; color:windowtext; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:none; font-family:Verdana; text-align:general; vertical-align:bottom; border:none; white-space:nowrap;} .xl24 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border:.5pt solid windowtext; white-space:normal;} .xl25 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:top; border:.5pt solid windowtext; white-space:normal;} .xl26 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl27 {font-size:8.0pt; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl28 {font-size:8.0pt; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid 
windowtext; white-space:normal;} .xl29 {font-size:8.0pt; text-align:left; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl30 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl31 {font-size:8.0pt; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl32 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border:.5pt solid windowtext; white-space:normal;} .xl33 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl34 {font-size:8.0pt; text-align:left; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl35 {font-size:8.0pt; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl36 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl37 {font-size:8.0pt; font-weight:700; text-align:center; white-space:normal;} .xl38 {font-size:8.0pt; white-space:normal;} .xl39 {font-size:8.0pt; border-top:none; border-right:none; border-bottom:2.0pt double windowtext; border-left:none; white-space:normal;} .xl40 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; background:silver; white-space:normal;} .xl41 {font-size:8.0pt; 
text-align:left; vertical-align:top; white-space:normal;} .xl42 {font-size:8.0pt; text-align:center; vertical-align:top; white-space:normal;} .xl43 {font-size:8.0pt; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} .xl44 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl45 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl46 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:top; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl47 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:none; border-bottom:none; border-left:.5pt solid windowtext; background:silver; white-space:normal;} .xl48 {font-weight:700; background:silver; white-space:normal;} .xl49 {font-weight:700; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; background:silver; white-space:normal;} .xl50 {text-align:center; background:silver; white-space:normal;} .xl51 {text-align:center; white-space:normal;} .xl52 {text-align:center; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} .xl53 {font-size:8.0pt; font-weight:700; background:silver; white-space:normal;} .xl54 {white-space:normal;} .xl55 {border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} --> </style> </head> <body link="#0000d4" vlink="#993366" class=xl38> <table border=0 cellpadding=0 cellspacing=0 width=1058 style='border-collapse: 
collapse;table-layout:fixed'> <col class=xl26 width=33> <col class=xl33 width=134> <col class=xl27 width=154> <col class=xl27 width=152> <col class=xl27 width=149> <col class=xl27 width=151> <col class=xl27 width=141> <col class=xl27 width=144> <tr class=xl37 height=11> <td height=11 class=xl24 width=33>ID</td> <td class=xl32 width=134>Requirement</td> <td class=xl25 width=154>Comments/Rationale</td> <td class=xl25 width=152>M-of-N</td> <td class=xl25 width=149>Timers</td> <td class=xl25 width=151>Laurie</td> <td class=xl25 width=141>Vixie</td> <td class=xl25 width=144>Moreau</td> </tr> <tr class=xl37 height=11> <td height=11 class=xl44 width=33> </td> <td class=xl45 width=134> </td> <td class=xl46 width=154> </td> <td class=xl46 width=152> </td> <td class=xl46 width=149> </td> <td class=xl46 width=151> </td> <td class=xl46 width=141> </td> <td class=xl46 width=144> </td> </tr> <tr class=xl37 height=13> <td colspan=8 height=13 class=xl47 width=1058 style='border-right:.5pt solid black'>draft-ietf-dnsext-rollover-rquirements-00</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=113> <td height=113 class=xl26 width=33>1</td> <td class=xl29 width=134>Support for large number of resolvers and up to 1000 trust anchors per resolver</td> <td class=xl27 width=154>Rollover daemons may have to periodically query nameservers to identify apex keyset. </td> <td class=xl29 width=152>Queries to make sure that the keyset has not changed (TTL)</td> <td class=xl27 width=149>Queries to make sure keyset has not changed + one query during the add-hold period for each new key + one query per revoked-key advertisement window</td> <td class=xl27 width=151>Scales well for large number of resolvers. 
However as the number of islands grows, there are more certificates to retrieve recursively</td> <td class=xl27 width=141>query for apex when hash of keyset changes + any query to that zone within the period that a key might change (TTL).</td> <td class=xl29 width=144>Queries to make sure that the keyset has not changed (TTL) + queries for the SDDA</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=141> <td height=141 class=xl26 width=33>2</td> <td class=xl33 width=134>No IPR encumberance/ globally deployable</td> <td class=xl27 width=154>Encourage interoperability</td> <td class=xl27 width=152>Diversinet patent filed in Israel and also applied for in Canada. Don't understand what it considers "reasonable" (I am not a lawyer)</td> <td class=xl27 width=149>Diversinet patent filed in Israel and also applied for in Canada. 
Don't understand what it considers "reasonable" (I am not a lawyer)</td> <td class=xl27 width=151>None currently known</td> <td class=xl27 width=141>Suffers from the same patent claim that M-N does(?)</td> <td class=xl27 width=144>There is some hint that the idea of pre-distribution of digests is not new -- using MASH's is patented though, and the idea is not universally free to use</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=46> <td height=46 class=xl40 width=33>3,4</td> <td class=xl35 width=134>Support for all types of zones and networks (tunable to their needs)</td> <td class=xl27 width=154>Universal solution</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=101 style='page-break-before:always'> <td height=101 class=xl26 width=33>5</td> <td class=xl35 width=134>Support reconnection upto a period of N months</td> <td class=xl27 width=154>Avoid initial setup if it can be avoided</td> <td class=xl27 width=152>Does not directly support this</td> <td class=xl27 width=149>Does not directly support this</td> <td class=xl27 width=151>As long as you can trust the local CA certificate, resolvers can reconnect without problem</td> <td class=xl27 width=141>Does not directly support this</td> <td class=xl27 width=144>If resolvers have the current key in the set of pre-distributed keys, they can reconnect 
without problem</td> </tr> <tr height=15> <td height=15 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=113> <td height=113 class=xl40 width=33>6</td> <td class=xl35 width=134>Leave room for manual rollover operations</td> <td class=xl27 width=154>It is always possible to manually set the trust anchor, so one interpretation of this requirement could be that doing so should not prevent automated mechanisms from taking over thereon</td> <td class=xl27 width=152>No state is maintained, so no harm done if trust anchors are manually configured</td> <td class=xl27 width=149>Probably no harm -- specification needs to be updated to specify how the timers are affected if trust anchors change OOB</td> <td class=xl27 width=151>The bootstrapping process simply gives a list of keys, which can also be configured manually</td> <td class=xl27 width=141>No state is maintained, so no harm done if trust anchors are manually configured</td> <td class=xl27 width=144>Should be possible to configure a trust anchor manually</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=112> <td height=112 class=xl26 width=33>7</td> <td class=xl34 width=134>Support for pre-scheduled and emergency types of rollover</td> <td class=xl27 width=154>Why do we want to separate these two?</td> <td class=xl27 width=152>Supports pre-scheduled well, emergency rollover cannot be detected any sooner</td> <td class=xl27 width=149>Supports pre-scheduled well, emergency rollover cannot be detected any sooner</td> <td class=xl27 width=151>rollovers 
in general can only be detected at the same rate at which bootstrapping is done</td> <td class=xl27 width=141>Supports pre-scheduled well. Emergency rollover is faster than MofN because any DNS response from that zone can trigger this </td> <td class=xl27 width=144>Supports pre-scheduled well, emergency rollover cannot be detected any sooner</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=45> <td height=45 class=xl40 width=33>8</td> <td class=xl35 width=134>Timeliness</td> <td class=xl27 width=154>May be same as emergency rollover requirement</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=67 style='page-break-before:always'> <td height=67 class=xl26 width=33>9</td> <td class=xl35 width=134>Ability to inspect issuer's knowledge of possible current and past trust anchors </td> <td class=xl27 width=154>Resolvers should be able to detect when they need to re-sync. 
</td> <td class=xl27 width=152>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl27 width=149>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl27 width=151>The CAs provide the repository of current and past (CRL) keys</td> <td class=xl27 width=141>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl27 width=144>Past keys (or their hash) can be known by inspecting the pre-distributed list</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=107> <td height=107 class=xl26 width=33>10</td> <td class=xl35 width=134>No new RRs shall be needed</td> <td class=xl27 width=154>No on-the-wire changes in general</td> <td class=xl27 width=152>No on-the-wire changes</td> <td class=xl27 width=149>Addition of the revoke bit in the DNSKEY (but this is a feature)</td> <td class=xl27 width=151>Completely OOB</td> <td class=xl27 width=141>Modifies name server algorithm. Keyset digest is sent in the authority section. 
Message size increases</td> <td class=xl27 width=144>New SDDA RR definition</td> </tr> <tr height=12> <td height=12 class=xl30 width=33> </td> <td class=xl36 width=134> </td> <td class=xl31 width=154> </td> <td class=xl31 width=152> </td> <td class=xl31 width=149> </td> <td class=xl31 width=151> </td> <td class=xl31 width=141> </td> <td class=xl31 width=144> </td> </tr> <tr height=12> <td height=12 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=14> <td colspan=8 height=14 class=xl47 width=1058 style='border-right:.5pt solid black'>Pseudo-requirements from draft-ietf-dnsext-rollover-requirements-00</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=114> <td height=114 class=xl26 width=33>11</td> <td class=xl35 width=134>trustworthy initialization of trust anchors in resolvers</td> <td class=xl27 width=154>Initialization must be manageable over the scale of the Internet </td> <td class=xl27 width=152>Need to establish trust with all zones for which a TA needs to be configured, every time the resolver is offline for a prolonged period</td> <td class=xl27 width=149>Need to establish trust with all zones for which a TA needs to be configured, every time the resolver is offline for a prolonged period</td> <td class=xl27 width=151>Need to establish trust with only the local CA. 
</td> <td class=xl27 width=141>Need to establish trust with all zones for which a TA needs to be configured, every time the resolver is offline for a prolonged period</td> <td class=xl27 width=144>Need to establish trust with all zones for which a TA needs to be configured, every time the resolver is offline for a prolonged period</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=33> <td height=33 class=xl40 width=33>12</td> <td class=xl35 width=134>Support trust anchors for multiple zones</td> <td class=xl27 width=154>Support for islands of trust</td> <td class=xl27 width=152>Supports this</td> <td class=xl27 width=149>Supports this</td> <td class=xl27 width=151>Supports this</td> <td class=xl27 width=141>Supports this</td> <td class=xl27 width=144>Supports this</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=70 style='page-break-before:always'> <td height=70 class=xl40 width=33>13</td> <td class=xl35 width=134>Support for multiple trust anchors per zone</td> <td class=xl27 width=154>Pre-publishing, use of diverse algorithms etc</td> <td class=xl27 width=152>Supports this</td> <td class=xl27 width=149>Supports this</td> <td class=xl27 width=151>Supports this</td> <td class=xl27 width=141>Supports this</td> <td class=xl27 width=144>Supports this: different SDDA RRs in the RRset can point to different DNSKEYs </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 
width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=140> <td height=140 class=xl26 width=33>14</td> <td class=xl35 width=134>Should support add, remove, replace(as a single operation)</td> <td class=xl27 width=154>Basic operations. Remove is different from revoke</td> <td class=xl27 width=152>Add, remove and replace may not be simultaneously possible. For replace N has to be at least 2, but for single addition N has to be 1. </td> <td class=xl27 width=149>Supports add and remove operations. Remove is same as revoke unless it is inside the add-hold time interval. Replace is not possiblein one step (because of the add-hold timer)</td> <td class=xl27 width=151>Supports add. Remove and replace are only possible if keys are revoked.</td> <td class=xl27 width=141>Add, remove and replace may not be simultaneously possible. For replace N has to be at least 2, but for single addition of key N has to be 1</td> <td class=xl27 width=144>Supports add, remove and replace operations</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=89> <td height=89 class=xl26 width=33>15</td> <td class=xl35 width=134>must support revocation and knowledge about which keys are the target of revocation</td> <td class=xl27 width=154>Revocation is different from replacement</td> <td class=xl27 width=152>Does not support revocation </td> <td class=xl27 width=149>Supports revocation, but may not have knowledge of the complete set of keys that were revoked - it only knows what it sees</td> <td class=xl27 width=151>Supports revocation through the X509 infrastructure</td> <td class=xl27 width=141>Does not support revocation</td> <td class=xl27 
width=144>Does not support revocation</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=106> <td height=106 class=xl26 width=33>16</td> <td class=xl35 width=134>Ability to define effectivity periods for tust anchors</td> <td class=xl27 width=154>Helpful for determining a polling interval</td> <td class=xl27 width=152>Not possible </td> <td class=xl27 width=149>Not possible</td> <td class=xl27 width=151>Supports this through the X509 infrastructure</td> <td class=xl27 width=141>Not possible</td> <td class=xl27 width=144>Might be able to augment initial distribution or the SDDA records with effectivity periods for keys</td> </tr> <tr class=xl39 height=12> <td height=12 class=xl30 width=33> </td> <td class=xl36 width=134> </td> <td class=xl31 width=154> </td> <td class=xl31 width=152> </td> <td class=xl31 width=149> </td> <td class=xl31 width=151> </td> <td class=xl31 width=141> </td> <td class=xl31 width=144> </td> </tr> <tr class=xl38 height=12 style='page-break-before:always'> <td height=12 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl38 height=13> <td colspan=8 height=13 class=xl47 width=1058 style='border-right:.5pt solid black'>draft-moreau-dnsext-tak-req-00</td> </tr> <tr class=xl38 height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl38 height=95> <td 
height=95 class=xl40 width=33>17</td> <td class=xl33 width=134>Organizations must universally agree to follow guidelines </td> <td class=xl27 width=154>Maybe this is trying to say that the procedure should be operationally viable, which is the same as requirement 3,4 </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl38 height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=128> <td height=128 class=xl26 width=33>18, 19</td> <td class=xl35 width=134>Must include a local store, Must assume an opportunity for initializing the trusted configuration</td> <td class=xl27 width=154>are there any resolver scenarios where there might not be sufficient memory to store the initial trusted configuration? 
The requirement may instead be: must keep the amount of local persistent storage to a minimum</td> <td class=xl27 width=152>Needs memory for storing at least M+N keys per island of trust </td> <td class=xl27 width=149>Needs sufficient memory for at least two trust anchor keys per island of trust and the set of revoked keys that were seen</td> <td class=xl27 width=151>Needs sufficient memory to store location and certificate of local CA</td> <td class=xl27 width=141>Similar to M-of-N </td> <td class=xl27 width=144>Needs memory to store the series of 4-tuples for every island of trust</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=60> <td height=60 class=xl40 width=33>20</td> <td class=xl33 width=134>Trustworthiness must not degrade after a rollover</td> <td class=xl27 width=154>May be a policy issue (which algorithm to allow etc). How does one define degraded trustworthyness? 
</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=174 style='page-break-before:always'> <td height=174 class=xl26 width=33>21</td> <td class=xl33 width=134>Failure conditions must be identifiable and detectable</td> <td class=xl27 width=154>Looking at it differently from revocation (which is given in 15), this might instead refer to distinguishing between genuine loss of synchronization and DoS attacks</td> <td class=xl27 width=152>Difficult to make this distinction if the name sever rolls its keys faster than the polling interval.</td> <td class=xl27 width=149>Depends on how much you believe that your revocation information is current. If you suddenly see new keys and you know you haven't missed revocation event, you can ignore the new keys</td> <td class=xl27 width=151>Rollover is essentially doing the resolver bootstrap all over again. 
The resolver may treat multiple unknown trust anchors as cue to perform the bootstrap, backing off from this process exponentially</td> <td class=xl27 width=141>Difficult to make this distinction if the name sever rolls its keys faster than the polling interval.</td> <td class=xl27 width=144>Since there is no revocation information maintained, you donÕt know if the name server operator suddenly decided to change the complete set of pre-published keys</td> </tr> <tr height=17> <td height=17 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=58> <td height=58 class=xl40 width=33>22</td> <td class=xl33 width=134>Must allow for protection against reuse attacks</td> <td class=xl27 width=154>Looks like the same as 15</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=66> <td height=66 class=xl40 width=33>23</td> <td class=xl33 width=134>Must disclose how dependent the procedure is on OOB distribution of configuration information</td> <td class=xl27 width=154>This may be trying to say the same thing as 11</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> 
</td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=118> <td height=118 class=xl26 width=33>24</td> <td class=xl33 width=134>Must allow for overlapping periods of key validity</td> <td class=xl27 width=154>This is a requirement for the zone data adminstrator and is not under the control of the trust anchor rollover protocol</td> <td class=xl27 width=152>If rollover at the zone is not graceful, you would fall back to initial state</td> <td class=xl27 width=149>If rollover at the zone is not graceful, you would fall back to initial state</td> <td class=xl27 width=151>Non-graceful rollover of keys at the zone does not adversely impact this approach. You simply bootstrap all over again</td> <td class=xl27 width=141>If rollover at the zone is not graceful, you would fall back to initial state</td> <td class=xl27 width=144>Even if rollover at the zone is not graceful, you can still carry on the process if the new key is in your pre-distributed list of keys. </td> </tr> <tr height=16 style='page-break-before:always'> <td height=16 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=125> <td height=125 class=xl26 width=33>25</td> <td class=xl33 width=134>It should be possible to identify which keys are have been added/rolled over</td> <td class=xl27 width=154>There is always local policy that can influence the final decision on whether a key is rolled over at the resolver end</td> <td class=xl27 width=152> You don't really know if one of the keys in the trusted set was removed. 
The M and N parameters are additional policy knobs that determine exact key that is rolled over.</td> <td class=xl27 width=149>The values of the timers can influence the set of keys that are added as trust anchors in the resolver.</td> <td class=xl27 width=151>You get to see this in the CRLs</td> <td class=xl27 width=141>You don't really know if one of the keys in the trusted set was removed</td> <td class=xl27 width=144>Its possible to examine the pre-distributed list to know which keys have been rolled over.</td> </tr> <tr height=16> <td height=16 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=67> <td height=67 class=xl40 width=33>26</td> <td class=xl41 width=134>Disclosure of which aspects of secrity principles are needed for avoidance of critical failure</td> <td class=xl29 width=154>This may be same as 21</td> <td class=xl42 width=152></td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl39 height=12> <td height=12 class=xl30 width=33> </td> <td class=xl36 width=134> </td> <td class=xl31 width=154> </td> <td class=xl31 width=152> </td> <td class=xl31 width=149> </td> <td class=xl31 width=151> </td> <td class=xl31 width=141> </td> <td class=xl31 width=144> </td> </tr> <tr class=xl38 height=12> <td height=12 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl38 height=13> <td colspan=8 height=13 class=xl47 width=1058 style='border-right:.5pt solid black'>Other Requirements</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> 
</td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=45> <td height=45 class=xl26 width=33>27</td> <td class=xl33 width=134>Must be an in-band mechanism</td> <td class=xl27 width=154>No reliance on other pieces that can fail separately</td> <td class=xl27 width=152>If re-sync is not needed, completely in-band</td> <td class=xl27 width=149>If re-sync is not needed, completely inband</td> <td class=xl27 width=151>DNSSEC fails if X509 infrastructure fails</td> <td class=xl27 width=141>If re-sync is not needed, completely inband</td> <td class=xl27 width=144>If re-sync is not needed, completely inband</td> </tr> <tr height=18> <td height=18 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=78> <td height=78 class=xl26 width=33>28</td> <td class=xl33 width=134>Shall work for different types of keys in the keyset (unknown algorithms, only ZSKs, only KSKs)</td> <td class=xl27 width=154>Since there is no protocol difference between ZSKs and KSKs, you cannot expect all zone administrators to maintain this separation</td> <td class=xl27 width=152>Needs to have ZSK and KSK separation</td> <td class=xl27 width=149>Needs to have ZSK and KSK separation</td> <td class=xl27 width=151>Need not have ZSK and KSK separation</td> <td class=xl27 width=141>Needs to have ZSK and KSK separation</td> <td class=xl27 width=144>Need not have ZSK and KSK separation</td> </tr> <tr height=11> <td height=11 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> 
<td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=57 style='page-break-before:always'> <td height=57 class=xl40 width=33>29</td> <td class=xl33 width=134>Must not impose a limit on how many keys can be added, removed, replaced or revoked</td> <td class=xl27 width=154>Does it matter. Should there be a limit?</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=13> <td height=13 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=94> <td height=94 class=xl40 width=33>30</td> <td class=xl33 width=134>Trust anchor configuration must not significantly increase work for the name server operator</td> <td class=xl27 width=154>Over and above best practices, i.e.. However, emergency scenarios are different I think and graceful rollover may not be the norm here. 
This is covered in 24.</td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=21> <td height=21 class=xl28 width=33> </td> <td class=xl43 width=134> </td> <td class=xl38 width=154></td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=14> <td height=14 class=xl26 width=33> </td> <td class=xl43 width=134> </td> <td class=xl38 width=154></td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr class=xl39 height=12> <td height=12 class=xl30 width=33> </td> <td class=xl36 width=134> </td> <td class=xl31 width=154> </td> <td class=xl31 width=152> </td> <td class=xl31 width=149> </td> <td class=xl31 width=151> </td> <td class=xl31 width=141> </td> <td class=xl31 width=144> </td> </tr> <tr height=12> <td height=12 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> <tr height=55> <td height=55 class=xl26 width=33> </td> <td class=xl33 width=134> </td> <td class=xl27 width=154> </td> <td class=xl27 width=152> </td> <td class=xl27 width=149> </td> <td class=xl27 width=151> </td> <td class=xl27 width=141> </td> <td class=xl27 width=144> </td> </tr> </table> </body> </html> \ No newline at end of file --- 1 ---- ! 
<html> <head> <meta http-equiv=Content-Type content="text/html; charset=macintosh"> <meta name=ProgId content=Excel.Sheet> <meta name=Generator content="Microsoft Excel 11"> <style> <!--table {} .style21 {color:#0000D4; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:underline; text-underline-style:single; font-family:Verdana;} a:link {color:#0000D4; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:underline; text-underline-style:single; font-family:Verdana;} a:visited {color:#993366; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:underline; text-underline-style:single; font-family:Verdana;} .style0 {text-align:general; vertical-align:bottom; white-space:nowrap; color:windowtext; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:none; font-family:Verdana; border:none;} td {padding-top:1px; padding-right:1px; padding-left:1px; color:windowtext; font-size:10.0pt; font-weight:400; font-style:normal; text-decoration:none; font-family:Verdana; text-align:general; vertical-align:bottom; border:none; white-space:nowrap;} .xl24 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border:.5pt solid windowtext; white-space:normal;} .xl25 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl26 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl27 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border:.5pt solid windowtext; white-space:normal;} .xl28 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl29 {font-size:8.0pt; 
vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl30 {font-size:8.0pt; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; background:silver; white-space:normal;} .xl31 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl32 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl33 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; white-space:normal;} .xl34 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl35 {font-size:8.0pt; vertical-align:middle; white-space:normal;} .xl36 {font-size:8.0pt; text-align:left; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl37 {font-size:8.0pt; text-align:left; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl38 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:2.0pt double windowtext; border-left:.5pt solid windowtext; white-space:normal;} .xl39 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:none; border-bottom:2.0pt double windowtext; border-left:none; white-space:normal;} .xl40 {font-size:8.0pt; text-align:left; vertical-align:middle; white-space:normal;} .xl41 
{font-size:8.0pt; text-align:center; vertical-align:middle; white-space:normal;} .xl42 {font-size:8.0pt; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} .xl43 {color:#0000D4; text-decoration:underline; text-underline-style:single; text-align:center; vertical-align:middle; border:.5pt solid windowtext; white-space:normal;} .xl44 {font-size:8.0pt; text-align:left; vertical-align:middle; border-top:none; border-right:none; border-bottom:none; border-left:.5pt solid windowtext; white-space:normal;} .xl45 {text-align:left; vertical-align:middle; white-space:normal;} .xl46 {vertical-align:middle; white-space:normal;} .xl47 {vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} .xl48 {font-size:8.0pt; font-weight:700; text-align:center; vertical-align:middle; border-top:none; border-right:none; border-bottom:none; border-left:.5pt solid windowtext; background:silver; white-space:normal;} .xl49 {font-weight:700; vertical-align:middle; background:silver; white-space:normal;} .xl50 {font-weight:700; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; background:silver; white-space:normal;} .xl51 {color:#0000D4; text-decoration:underline; text-underline-style:single; text-align:center; vertical-align:middle; border-top:none; border-right:none; border-bottom:none; border-left:.5pt solid windowtext; background:silver; white-space:normal;} .xl52 {color:#0000D4; text-decoration:underline; text-underline-style:single; text-align:center; vertical-align:middle; background:silver; white-space:normal;} .xl53 {color:#0000D4; text-decoration:underline; text-underline-style:single; text-align:center; vertical-align:middle; white-space:normal;} .xl54 {color:#0000D4; text-decoration:underline; text-underline-style:single; text-align:center; vertical-align:middle; 
border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} .xl55 {color:#0000D4; text-decoration:underline; text-underline-style:single; vertical-align:middle; background:silver; white-space:normal;} .xl56 {color:#0000D4; text-decoration:underline; text-underline-style:single; vertical-align:middle; white-space:normal;} .xl57 {color:#0000D4; text-decoration:underline; text-underline-style:single; vertical-align:middle; border-top:none; border-right:.5pt solid windowtext; border-bottom:none; border-left:none; white-space:normal;} --> </style> </head> <body link="#0000d4" vlink="#993366" class=xl35> <table border=0 cellpadding=0 cellspacing=0 width=1058 style='border-collapse: collapse;table-layout:fixed'> <col class=xl25 width=33> <col class=xl28 width=134> <col class=xl34 width=154> <col class=xl34 width=152> <col class=xl34 width=149> <col class=xl34 width=151> <col class=xl34 width=141> <col class=xl34 width=144> <tr class=xl33 height=13> <td height=13 class=xl24 width=33>ID</td> <td class=xl27 width=134>Requirement</td> <td class=xl24 width=154>Comments/Rationale</td> <td class=xl43 width=152><a href="http://www.ietf.org/internet-drafts/draft-ietf-dnsext-trustupdate-threshold-01.txt">M-of-N</a></td> <td class=xl43 width=149><a href="http://www.ietf.org/internet-drafts/draft-ietf-dnsext-trustupdate-timers-02.txt">Timers</a></td> <td class=xl43 width=151><a href="http://www.ietf.org/internet-drafts/draft-laurie-dnssec-key-distribution-01.txt">Laurie</a></td> <td class=xl43 width=141><a href="http://tools.ietf.org/wg/dnsext/minutes?item=minutes64.html">Vixie</a></td> <td class=xl43 width=144><a href="http://tools.ietf.org/wg/dnsext/draft-moreau-dnsext-takrem-dns-00.txt">Moreau</a></td> </tr> <tr class=xl33 height=11> <td height=11 class=xl31 width=33> </td> <td class=xl32 width=134> </td> <td class=xl31 width=154> </td> <td class=xl31 width=152> </td> <td class=xl31 width=149> </td> <td class=xl31 width=151> 
</td> <td class=xl31 width=141> </td> <td class=xl31 width=144> </td> </tr> <tr class=xl33 height=13> <td colspan=8 height=13 class=xl51 width=1058 style='border-right:.5pt solid black'><a href="http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rollover-requirements-00.txt">draft-ietf-dnsext-rollover-rquirements-00</a></td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=113> <td height=113 class=xl25 width=33>1</td> <td class=xl36 width=134>Support for large number of resolvers and up to 1000 trust anchors per resolver</td> <td class=xl34 width=154>Rollover daemons may have to periodically query nameservers to identify apex keyset. </td> <td class=xl36 width=152>Queries to make sure that the keyset has not changed (TTL)</td> <td class=xl34 width=149>Queries to make sure keyset has not changed + one query during the add-hold period for each new key + one query per revoked-key advertisement window</td> <td class=xl34 width=151>Scales well for large number of resolvers. 
However as the number of islands grows, there are more certificates to retrieve recursively</td> <td class=xl34 width=141>query for apex when hash of keyset changes + any query to that zone within the period that a key might change (TTL).</td> <td class=xl36 width=144>Queries to make sure that the keyset has not changed (TTL) + queries for the SDDA</td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=141> <td height=141 class=xl25 width=33>2</td> <td class=xl28 width=134>No IPR encumberance/ globally deployable</td> <td class=xl34 width=154>Encourage interoperability</td> <td class=xl34 width=152>Diversinet patent filed in Israel and also applied for in Canada. Don't understand what it considers "reasonable" (I am not a lawyer)</td> <td class=xl34 width=149>Diversinet patent filed in Israel and also applied for in Canada. 
Don't understand what it considers "reasonable" (I am not a lawyer)</td> <td class=xl34 width=151>None currently known</td> <td class=xl34 width=141>Suffers from the same patent claim that M-N does(?)</td> <td class=xl34 width=144>There is some hint that the idea of pre-distribution of digests is not new -- using MASH's is patented though, and the idea is not universally free to use</td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=46> <td height=46 class=xl30 width=33>3,4</td> <td class=xl28 width=134>Support for all types of zones and networks (tunable to their needs)</td> <td class=xl34 width=154>Universal solution</td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=101 style='page-break-before:always'> <td height=101 class=xl25 width=33>5</td> <td class=xl28 width=134>Support reconnection upto a period of N months</td> <td class=xl34 width=154>Avoid initial setup if it can be avoided</td> <td class=xl34 width=152>Does not directly support this</td> <td class=xl34 width=149>Does not directly support this</td> <td class=xl34 width=151>As long as you can trust the local CA certificate, resolvers can reconnect without problem</td> <td class=xl34 width=141>Does not directly support this</td> <td class=xl34 width=144>If resolvers have the current key in the set of pre-distributed keys, they can reconnect 
without problem</td> </tr> <tr height=15> <td height=15 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=113> <td height=113 class=xl30 width=33>6</td> <td class=xl28 width=134>Leave room for manual rollover operations</td> <td class=xl34 width=154>It is always possible to manually set the trust anchor, so one interpretation of this requirement could be that doing so should not prevent automated mechanisms from taking over thereon</td> <td class=xl34 width=152>No state is maintained, so no harm done if trust anchors are manually configured</td> <td class=xl34 width=149>Probably no harm -- specification needs to be updated to specify how the timers are affected if trust anchors change OOB</td> <td class=xl34 width=151>The bootstrapping process simply gives a list of keys, which can also be configured manually</td> <td class=xl34 width=141>No state is maintained, so no harm done if trust anchors are manually configured</td> <td class=xl34 width=144>Should be possible to configure a trust anchor manually</td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=112> <td height=112 class=xl25 width=33>7</td> <td class=xl37 width=134>Support for pre-scheduled and emergency types of rollover</td> <td class=xl34 width=154>Why do we want to separate these two?</td> <td class=xl34 width=152>Supports pre-scheduled well; emergency rollover cannot be detected any sooner</td> <td class=xl34 width=149>Supports pre-scheduled well; emergency rollover cannot be detected any sooner</td> <td class=xl34 width=151>rollovers 
in general can only be detected at the same rate at which bootstrapping is done</td> <td class=xl34 width=141>Supports pre-scheduled well. Emergency rollover is faster than MofN because any DNS response from that zone can trigger this </td> <td class=xl34 width=144>Supports pre-scheduled well; emergency rollover cannot be detected any sooner</td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=45> <td height=45 class=xl30 width=33>8</td> <td class=xl28 width=134>Timeliness</td> <td class=xl34 width=154>May be same as emergency rollover requirement</td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=67 style='page-break-before:always'> <td height=67 class=xl25 width=33>9</td> <td class=xl28 width=134>Ability to inspect issuer's knowledge of possible current and past trust anchors </td> <td class=xl34 width=154>Resolvers should be able to detect when they need to re-sync. 
</td> <td class=xl34 width=152>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl34 width=149>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl34 width=151>The CAs provide the repository of current and past (CRL) keys</td> <td class=xl34 width=141>obtaining current keys is easy; obtaininig past keys is not</td> <td class=xl34 width=144>Past keys (or their hash) can be known by inspecting the pre-distributed list</td> </tr> <tr height=11> <td height=11 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=107> <td height=107 class=xl25 width=33>10</td> <td class=xl28 width=134>No new RRs shall be needed</td> <td class=xl34 width=154>No on-the-wire changes in general</td> <td class=xl34 width=152>No on-the-wire changes</td> <td class=xl34 width=149>Addition of the revoke bit in the DNSKEY (but this is a feature)</td> <td class=xl34 width=151>Completely OOB</td> <td class=xl34 width=141>Modifies name server algorithm. Keyset digest is sent in the authority section. Message size increases</td> <td class=xl34 width=144>New SDDA RR definition</td> </tr> <tr height=12> <td height=12 class=xl26 width=33> </td> <td class=xl29 width=134> </td> <td class=xl38 width=154> </td> <td class=xl38 width=152> </td> <td class=xl38 width=149> </td> <td class=xl38 width=151> </td> <td class=xl38 width=141> </td> <td class=xl38 width=144> </td> </tr> <tr height=12> <td height=12 class=xl25 width=33> </td> <td class=xl28 width=134> </td> <td class=xl34 width=154> </td> <td class=xl34 width=152> </td> <td class=xl34 width=149> </td> <td class=xl34 width=151> </td> <td class=xl34 width=141> </td> <td class=xl34 width=144> </td> </tr> <tr height=14> <td colspan=8 height=14 class=xl51 width=1058... [truncated message content] |
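Review bot: the anchor text in the new section-header row of revision 1.2 is misspelled while its href is correct: `<a href="http://www.ietf.org/internet-drafts/draft-ietf-dnsext-rollover-requirements-00.txt">draft-ietf-dnsext-rollover-rquirements-00</a>`; change the visible text to `draft-ietf-dnsext-rollover-requirements-00` so readers searching for the draft name find it. Two smaller points on the same header rows: the M-of-N, Timers and Laurie links go to version-pinned files under www.ietf.org/internet-drafts/ while the Moreau link uses a tools.ietf.org/wg/dnsext/ path and the "Vixie" column links to WG meeting minutes rather than a draft, so it would help to label that column (or the cell) as "Vixie (IETF 64 minutes)" and to use one link style for the four drafts. Since the commit otherwise reproduces the sheet unchanged, it would also be a cheap opportunity to fix the spreadsheet typos that survive into 1.2 ("encumberance", "upto", "obtaininig") and to reconsider `charset=macintosh`, which Excel emits and which renders any non-ASCII characters incorrectly in non-Mac browsers; exporting with UTF-8 avoids that.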