When using ldns-signzone to sign zones with ECDSA, the resulting NSEC3 records and signatures are not stable. Signing the same zone multiple times produces different signed zones, even when the input zone remains unchanged.
The current non-deterministic behavior complicates scenarios where consistent signed zones are required for reproducibility, testing, or version control.
Technical Context:
RFC 8624 recommends using deterministic digital signature generation for ECDSA to address such issues:
It is RECOMMENDED to use the deterministic digital signature generation procedure of the Elliptic Curve Digital Signature Algorithm (ECDSA), specified in [RFC6979], when implementing ECDSAP256SHA256 (and ECDSAP384SHA384).
Deterministic ECDSA signatures eliminate randomness by deriving the per-signature value (k) deterministically from the private key and input data. This ensures consistent signatures for identical inputs, resolving the instability in signed zones.
OpenSSL introduced support for RFC 6979 deterministic ECDSA signatures in version 3.2.0 (released at the end of 2023): Commit: Deterministic ECDSA Signatures
This enhancement provides a foundation for implementing deterministic ECDSA signatures in ldns.
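The mechanism the issue points at, deriving k from the private key and the message hash so that identical inputs yield identical signatures, as an added stand-alone example (this is illustration code, not code from the issue, from ldns, or from OpenSSL): a pure-Python RFC 6979 implementation for ECDSAP256SHA256 that can sign the same message either with a deterministic k or with a random k. The curve constants are the standard P-256 values and the private key is the one from RFC 6979 Appendix A.2.5, so the generated k, r and s can be checked against the RFC's "sample" test vector; the function names and the stable_across_runs helper are the example's own.

```python
# Added example: stand-alone RFC 6979 deterministic ECDSA (P-256, SHA-256); not ldns or
# OpenSSL code. Pure-Python curve arithmetic, not constant-time, demonstration only.
import hashlib
import hmac
import secrets

# NIST P-256 domain parameters (the standard FIPS 186-4 values).
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5
Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (GX, GY)
QLEN, RLEN = 256, 32   # bit length of Q; byte length used by int2octets()
H = hashlib.sha256     # one hash for both H(m) and the RFC 6979 HMAC

# Private key from the RFC 6979 Appendix A.2.5 (P-256) test vectors.
RFC6979_PRIV = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721

def point_add(p1, p2):
    """Affine point addition on P-256; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 if p2 is None else p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, point):
    """Double-and-add scalar multiplication (leaks timing; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, point)
        point = point_add(point, point)
        k >>= 1
    return acc

def bits2int(b):
    """RFC 6979 2.3.2: the leftmost QLEN bits of b as an integer."""
    v = int.from_bytes(b, "big")
    excess = len(b) * 8 - QLEN
    return v >> excess if excess > 0 else v

def int2octets(x):  # RFC 6979 2.3.3: big-endian encoding of x over RLEN bytes
    return x.to_bytes(RLEN, "big")

def bits2octets(b):  # RFC 6979 2.3.4: bits2int(b) reduced mod Q, then int2octets()
    return int2octets(bits2int(b) % Q)

def rfc6979_k(priv, h1):
    """RFC 6979 3.2: derive k from the private key and h1 = H(m) via HMAC-DRBG."""
    def mac(key, data):
        return hmac.new(key, data, H).digest()
    v, key = b"\x01" * 32, b"\x00" * 32            # steps b and c
    seed = int2octets(priv) + bits2octets(h1)
    key = mac(key, v + b"\x00" + seed)              # step d
    v = mac(key, v)                                 # step e
    key = mac(key, v + b"\x01" + seed)              # step f
    v = mac(key, v)                                 # step g
    while True:                                     # step h
        t = b""
        while len(t) * 8 < QLEN:
            v = mac(key, v)
            t += v
        k = bits2int(t)
        if 1 <= k < Q:
            return k
        key = mac(key, v + b"\x00")                 # k out of range: rekey and retry
        v = mac(key, v)

def sign(priv, msg, deterministic=True):
    """ECDSA P-256/SHA-256. deterministic=False draws a fresh random k instead."""
    h1 = H(msg).digest()
    e = bits2int(h1)
    while True:
        k = rfc6979_k(priv, h1) if deterministic else 1 + secrets.randbelow(Q - 1)
        r = scalar_mult(k, G)[0] % Q
        s = pow(k, -1, Q) * (e + priv * r) % Q
        if r and s:   # r == 0 or s == 0 is astronomically unlikely; RFC 6979 h-step retry omitted
            return r, s

def verify(pub, msg, sig):
    """Standard ECDSA verification against an affine public key (x, y)."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    e, w = bits2int(H(msg).digest()), pow(s, -1, Q)
    pt = point_add(scalar_mult(e * w % Q, G), scalar_mult(r * w % Q, pub))
    return pt is not None and pt[0] % Q == r

def stable_across_runs(priv, msg, deterministic):
    """True if signing the same input twice gives an identical (r, s) pair."""
    return sign(priv, msg, deterministic) == sign(priv, msg, deterministic)
```

With deterministic=True, two calls to sign() on the same key and message return the same (r, s); with deterministic=False they differ, which is exactly the RRSIG instability the issue describes. Two further inputs also have to be pinned before a signed zone becomes reproducible: the RRSIG inception and expiration times (ldns-signzone -i and -e) and the NSEC3 salt (ldns-signzone -s), since a freshly chosen salt changes every NSEC3 owner name no matter how k is generated.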