From the Beginning: Key Transitions in the First 15 Years of DNSSEC

TL;DR

This paper introduces a formal framework to evaluate DNSSEC key transitions, applying it to 15 years of data to identify operational practices, gaps, and noncompliance in real-world DNSSEC deployment.

Contribution

It proposes a novel anatomy and classification model for DNSSEC key transitions, enabling empirical analysis of operational practices over 15 years.

Findings

Identified gaps between prescribed and actual key management practices.

Detected noncompliant key transitions that are operationally necessary.

Analyzed the diversity of key transition types used globally.

Abstract

When the global rollout of the DNS Security Extensions (DNSSEC) began in 2005, a first-of-its-kind trial started: The complexity of a core Internet protocol was magnified in favor of better security for the overall Internet. Thereby, the scale of the loosely-federated delegation in DNS became an unprecedented cryptographic key management challenge. Though fundamental for current and future operational success, our community lacks a clear notion of how to empirically evaluate the process of securely transitioning keys. In this paper, we propose two building blocks to formally characterize and assess key transitions. First, the anatomy of key transitions, i.e., measurable and well-defined properties of key changes; and second, a novel classification model based on this anatomy for describing key transition practices in abstract terms. This abstraction allows for classifying operational behavior. We apply our proposed transition anatomy and transition classes to describe the global DNSSEC deployment. Specifically, we use measurements from the first 15 years of the DNSSEC rollout to detect and understand which key transitions have been used to what degree and which rates of errors and warnings occurred. In contrast to prior work, we consider all possible transitions and not only 1:1 key rollovers. Our results show measurable gaps between prescribed key management processes and key transitions in the wild. We also find evidence that such noncompliant transitions are needed in operations.