From d429ce14a8e48d8d047400eacb5edbbe4f75adfd Mon Sep 17 00:00:00 2001 From: Peter van Dijk Date: Sat, 13 Jun 2020 22:53:52 +0200 Subject: [PATCH] define flags to be 257. Closes #20 --- .../draft-vandijk-dprive-ds-dot-signal-and-pin.md | 13 +++++++++---- poc/test.go | 2 +- poc/test.py | 2 +- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/draft-vandijk-dprive-ds-dot-signal-and-pin/draft-vandijk-dprive-ds-dot-signal-and-pin.md b/draft-vandijk-dprive-ds-dot-signal-and-pin/draft-vandijk-dprive-ds-dot-signal-and-pin.md index 30b27be..6030766 100644 --- a/draft-vandijk-dprive-ds-dot-signal-and-pin/draft-vandijk-dprive-ds-dot-signal-and-pin.md +++ b/draft-vandijk-dprive-ds-dot-signal-and-pin/draft-vandijk-dprive-ds-dot-signal-and-pin.md @@ -103,6 +103,9 @@ Algorithm support SHOULD be handled at the TLS handshake level, which means a DN The pseudo DNSKEY record MUST NOT be present in the zone. The procedure for hashing the pseudo DNSKEY record is the same as for a normal DNSKEY as defined in RFC4034. +As DNSKEY algorithm TBD is not meant to be used for Zone Signing, the existing ZONE and SEP flags do not mean anything. +This specification statically defines the flags value as 257 for optimal compatibility with existing registry operations. + The pseudo DNSKEY type can be used in CDNSKEY and CDS (as defined in [@!RFC7344]) records. These records MAY be present in the zone. For those familiar with TLSA ([@RFC6698]), key matching for this protocol is identical to that provided by `TLSA 3 1 0` for (C)DNSKEY. @@ -116,6 +119,8 @@ We assume that we are working with a domain `example.com.` with one name server, ## Generating and placing the (C)DNSKEY/DS records +[NOTE: this section uses '225' instead of 'TBD' because otherwise the code does not work. We need to fix this before publication.] + We will walk you through the CDNSKEY/DS generation, demonstrating it in terms of basic shell scripting and some common tools. First, we extract the SubjectPublicKeyInfo: 
@@ -152,13 +157,13 @@ openssl s_client -connect ns.example.com:853
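Review bot: In the first hunk (the two lines added after "The procedure for hashing the pseudo DNSKEY record is the same as for a normal DNSKEY as defined in RFC4034."), the rationale and the chosen value pull in different directions: the text says the ZONE and SEP flags "do not mean anything" for algorithm TBD, then fixes the value at 257, which is exactly ZONE and SEP set. State the actual reason for 257 (registry and registrar tooling expects a DS to derive from a key that carries the SEP bit, so 257 is what existing operations already handle) and say plainly that the bits carry no semantic meaning here and are set only for compatibility. The surrounding text uses RFC 2119 keywords ("MUST NOT", "SHOULD"); "This specification statically defines the flags value as 257" should match that register, e.g. "The Flags field of the pseudo DNSKEY MUST be 257", and the draft should say what a consumer does with a pseudo DNSKEY whose Flags are not 257 (ignore the record, or treat it as a hard failure), since the hashing procedure in the preceding sentence would otherwise silently produce a non-matching DS. "for optimal compatibility" is vague; "so that existing registry operations accept it unchanged" says what is meant.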
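Review bot: In the second hunk, the bracketed editor's note "[NOTE: this section uses '225' instead of 'TBD' because otherwise the code does not work. We need to fix this before publication.]" is placed in the normative walkthrough text without stating that 225 is a placeholder value chosen only so the proof-of-concept scripts run, and without saying that it must not be deployed. Spell that out in the note itself ("225 is a placeholder used only for the examples and PoC code; the real value is assigned by IANA on publication") so a reader who copies the shell steps from this section does not ship a DS built with the placeholder algorithm number. Since the same substitution is what makes poc/test.go and poc/test.py work (both files are touched in the diffstat), consider one single source of truth for the placeholder (a named constant or an "RFC editor: replace 225 with the assigned value" marker) rather than a free-text note that has to be remembered before publication.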