+++ /dev/null
-Copyright (C) 2014, 2016 Internet Systems Consortium, Inc. ("ISC")
-
-This Source Code Form is subject to the terms of the Mozilla Public
-License, v. 2.0. If a copy of the MPL was not distributed with this
-file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
- Source Identity Token
-
-Source Identity Token (SIT) is based in Donald Eastlake 3rd's DNS Cookies[1].
-
-The main differences are that the error code has been dropped and
-that the server cookie doesn't have a fixed length and may be
-missing.
-
-The error code has been dropped because it served no useful purpose
-for us. If it was to be restored it should be the first element
-of the option.
-
-We extended the server cookie to transmit server time and to include
-a server generated nonce. The purpose of these is to provide a
-short window of time (1 hour with a 5 minutes of clock skew for
-cluster time) where a previous cookie can be used for and to not
-require the server secret to be updated when it is shared by a
-cluster of servers. In particular the time of generation needed
-to be passed between servers via the client so that old cookie can
-be rejected.
-
-The option structure is:
-
- client cookie (64 bits)
- server cookie (128 bits) broken up into:
- - nonce (32 bits)
- - time (32 bits)
- - hash (64 bits)
-
-The initial requests just sends the client cookie. If the response
-contains a matching client cookie the entire response is saved and
-sent on the next transaction. A new server cookie is generated for
-every response.
-
-We are currently using EDNS Experimental code point 65001. This is
-subject to change.
-
-We have three supported hash method. AES, HMAC SHA 1 and HMAC SHA 256.
-A cluster of servers needs to choose one of them.
-
-AES
- memset(input, 0, sizeof(input));
- cp = isc_buffer_used(buf);
- isc_buffer_putmem(buf, client->cookie, 8);
- isc_buffer_putuint32(buf, nonce);
- isc_buffer_putuint32(buf, when);
- memmove(input, cp, 16);
- isc_aes128_crypt(ns_g_server->secret, input, digest);
- for (i = 0; i < 8; i++)
- input[i] = digest[i] ^ digest[i + 8];
- isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
- switch (netaddr.family) {
- case AF_INET:
- memmove(input + 8, (unsigned char *)&netaddr.type.in, 4);
- memset(input + 12, 0, 4);
- isc_aes128_crypt(ns_g_server->secret, input, digest);
- break;
- case AF_INET6:
- memmove(input + 8, (unsigned char *)&netaddr.type.in6, 16);
- isc_aes128_crypt(ns_g_server->secret, input, digest);
- for (i = 0; i < 8; i++)
- input[i + 8] = digest[i] ^ digest[i + 8];
- isc_aes128_crypt(ns_g_server->secret, input + 8, digest);
- break;
- }
- for (i = 0; i < 8; i++)
- digest[i] ^= digest[i + 8];
- isc_buffer_putmem(buf, digest, 8);
-
-HMAC SHA1
-
- hash = trunc(hmacsha1(secret, client|nonce|when|address), 8);
-
-HMAC SHA256
-
- hash = trunc(hmacsha256(secret, client|nonce|when|address), 8);
-
-[1]
-INTERNET-DRAFT Donald Eastlake
-Intended Status: Proposed Standard Huawei
-Expires: July 21, 2014 January 22, 2014
-
-
- Domain Name System (DNS) Cookies
- <draft-eastlake-dnsext-cookies-04.txt>
-