HTTPDNS:Authenticate resolving requests

1. Background

To prevent the billing system from challenge collapsar attacks performed by malicious users to incur additional fees, HTTPDNS allows you to authenticate requests send to resolve domain names.

2. Solutions

For users whose apps are developed by using operations without authentication, these operations are still available.

However, HTTPDNS allows you to add fields in resolving requests for authentication. You can gradually utilize operations with authentication in the new versions of your apps and stop supporting the earlier versions developed based on operations without authentication when these versions are no longer used by users.

This way, you can prevent the billing system from being affected by the change of operations.

2.1 Solutions for existing developers

• If you disable operations without authentication, apps that are developed based these operations cannot access HTTPDNS.

• You can guide the developers of the apps to gradually utilize the operations with authentication in the new versions of their apps.

• When few users use the earlier versions of these apps developed based on operations without authentication, and the relevant lost is acceptable, these developers can manually disable operations without authentication.

2.2 Solutions for new developers

• By default, operations without authentication are enabled to save the cost of authentication.

• If developers want to use operations with authentication, they can manually disable operations without authentication.

2.3 Manage operations without authentication

• Enabling operations without authentication may result in security risks.

• You can prevent addition fees incurred by malicious attacks only when you disable operations without authentications.

3. Signature generation and authentication mechanism

3.1 Signature generation algorithms and examples

Signature formats for operations with authentication

• http://203.107.1.33/{account_id}/sign_d

• http://203.107.1.33/{account_id}/sign_resolve

Signature algorithm

sign = md5sum( host-secret-timestamp )

Fields required for signature generation

Examples

• Authenticate a request that is sent to resolve a single domain name

  • Original request: http://203.107.1.33/{account_id}/d?host=www.aliyun.com

  • In this example, the secret key used to generate the signature is IAmASecret. The signed request is expected to expire at 15:00:00 on August 15, 2018 (timestamp: 1534316400).

  • sign = md5sum("www.aliyun.com-IAmASecret-1534316400") = 60c71e98b6d7fcbb366243e224eab457

  • Signed request: http://203.107.1.33/{account_id}/sign_d?host=www.aliyun.com&t=1534316400&s=60c71e98b6d7fcbb366243e224eab457

• Authenticate a request that is sent to resolve multiple domain names

  • Original request: http://203.107.1.33/{account_id}/resolve?host=www.aliyun.com,www.taobao.com

  • In this example, the secret key used to generate the signature is IAmASecret. The signed request is expected to expire at 15:00:00 on August 15, 2018 (timestamp: 1534316400).

  • sign = md5sum("www.aliyun.com,www.taobao.com-IAmASecret-1534316400") = 12a3f6b1b14a46ca813ca6439beb59a4

  • Signed request: http://203.107.1.33/{account_id}/sign_resolve?host=www.aliyun.com,www.taobao.com&t=1534316400&s=12a3f6b1b14a46ca813ca6439beb59a4

Advantages and disadvantages

• The time used to generate signatures varies with clients.

• Secret keys are stored on the client and may be lost.

• Clients do not need to obtain signatures from the server.

3.2. Responses

• If a request pass the authentication, HTTPDNS returns the resolving results with the HTTP status code 200.

• If a request fails to be authenticated, HTTPDNS returns the HTTP status code 403 or 400 with an error code in JSON format.

   { "code": "InvalidSignature" }

3.3. Returned HTTP status codes