Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
090376d4be54e832a15be873e1561b95d3e94e0aJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff Source Identity Token
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
Source Identity Token (SIT) is based on Donald Eastlake 3rd's DNS Cookies[1].
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
The main differences are that the error code has been dropped and
that the server cookie does not have a fixed length and may be
absent.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
The error code has been dropped because it served no useful purpose
for us. If it were to be restored, it should be the first element
of the option.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
We extended the server cookie to carry the server's time and a
server-generated nonce. Together they bound the window (1 hour, with
5 minutes of allowed clock skew between cluster members) during which
a previously issued cookie is still accepted, and they remove the need
to update the server secret when it is shared by a cluster of servers,
since expiry is enforced by the time field rather than by rotating the
secret. In particular, the generation time has to travel between
servers via the client so that a server other than the issuer can
reject a stale cookie. Because the nonce and time are inputs to the
hash (see below), a client cannot alter them to extend the window.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff ConniffThe option structure is:
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff client cookie (64 bits)
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff server cookie (128 bits) broken up into:
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff - nonce (32 bits)
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff - time (32 bits)
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff - hash (64 bits)
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
The initial request sends only the client cookie. If the response
carries a matching client cookie, the entire option (client cookie
plus the server cookie it returned) is saved and sent on the next
transaction. The server generates a new server cookie for every
response.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff ConniffWe are currently using EDNS Experimental code point 65001. This is
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniffsubject to change.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
We support three hash methods: AES, HMAC-SHA1 and HMAC-SHA256.
All servers in a cluster must use the same method (and the same
shared secret); otherwise a cookie issued by one server cannot be
validated by another.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff ConniffAES
/*
 * AES variant of the 64-bit server-cookie hash.  This is a bespoke
 * construction rather than a standard CBC-MAC/CMAC: each 16-byte block
 * is encrypted under the shared server secret, the ciphertext is folded
 * to 8 bytes by XORing its two halves, and that fold is chained into
 * the first half of the next block.  'input' and 'digest' are scratch
 * buffers declared outside this excerpt; the IPv6 branch writes 24
 * bytes into 'input', so it must be at least that large -- confirm
 * against the declaration.
 */
memset(input, 0, sizeof(input));
/*
 * Block 1: client cookie (8) | nonce (4) | when (4).  The fields are
 * appended to the option being built and then copied into the scratch
 * block so the hash covers exactly the bytes sent on the wire.
 */
cp = isc_buffer_used(buf);
isc_buffer_putmem(buf, client->cookie, 8);
isc_buffer_putuint32(buf, nonce);
isc_buffer_putuint32(buf, when);
memmove(input, cp, 16);
isc_aes128_crypt(ns_g_server->secret, input, digest);
/* Fold the 16-byte ciphertext to 8 bytes; it becomes the chaining value. */
for (i = 0; i < 8; i++)
input[i] = digest[i] ^ digest[i + 8];
/* Tie the cookie to the peer's address (4 bytes for IPv4, 16 for IPv6). */
isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
switch (netaddr.family) {
case AF_INET:
/* Block 2: fold (8) | IPv4 address (4) | zero padding (4). */
memmove(input + 8, (unsigned char *)&netaddr.type.in, 4);
memset(input + 12, 0, 4);
isc_aes128_crypt(ns_g_server->secret, input, digest);
break;
case AF_INET6:
/*
 * Block 2: fold (8) | first 8 bytes of the IPv6 address.
 * Block 3: fold of block 2 (8) | last 8 bytes of the address.
 * The address is written as 16 bytes at offset 8 so that the final
 * call can encrypt the window starting at input + 8.
 */
memmove(input + 8, (unsigned char *)&netaddr.type.in6, 16);
isc_aes128_crypt(ns_g_server->secret, input, digest);
for (i = 0; i < 8; i++)
input[i + 8] = digest[i] ^ digest[i + 8];
isc_aes128_crypt(ns_g_server->secret, input + 8, digest);
break;
/*
 * No default case: for any other address family 'digest' still holds
 * the block-1 ciphertext, so the address would not be bound at all.
 */
}
/* Final fold: these 8 bytes are the 64-bit hash field of the server cookie. */
for (i = 0; i < 8; i++)
digest[i] ^= digest[i + 8];
isc_buffer_putmem(buf, digest, 8);
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
HMAC SHA1

 hash = trunc(hmacsha1(secret, client|nonce|when|address), 8);

HMAC SHA256

 hash = trunc(hmacsha256(secret, client|nonce|when|address), 8);

In both cases 'client' is the 8-byte client cookie, 'nonce' and 'when'
are the 32-bit server-cookie fields, 'address' is the peer's 4-byte
IPv4 or 16-byte IPv6 address (as in the AES variant above), and
trunc(..., 8) truncates the MAC to 8 bytes (64 bits), matching the
hash field of the option.
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
[1]
Donald Eastlake 3rd (Huawei), "Domain Name System (DNS) Cookies",
INTERNET-DRAFT <draft-eastlake-dnsext-cookies-04.txt>,
Intended Status: Proposed Standard, January 22, 2014
(expires: July 21, 2014).
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff
c2e84dfa3d5903f5bf0f10a70508b3effc3d26eeJeff Conniff