To:
Olaf Kolkman <OKolkman@ripe.net>
Cc:
Edward Lewis <lewis@tislabs.com>, dnssec@cafax.se
From:
Edward Lewis <lewis@tislabs.com>
Date:
Tue, 17 Apr 2001 13:16:03 -0400
Delivery-Date:
Tue Apr 17 21:51:37 2001
In-Reply-To:
<200104171445.QAA20502@x50.ripe.net>
Sender:
owner-dnssec@cafax.se
Subject:
Re: lwresd, tsig, and caching
At 10:45 AM -0400 4/17/01, Olaf Kolkman wrote: >During the IETF I would not trust a TSIG that is shared with 2k >users. I would prefer to use a SIG(0) with my local only configured I don't think this is the case here. Users access the "privileged" lwresd process via the lightweight interface. The TSIG secret isn't queriable through this interface. The daemon uses its privileges to access the TSIG data which only it can read to generate the messages. This model is akin to print spooling and mail delivery. Privileged daemons can write to anyone's mailbox (the latter), but users can't abuse this to gain access to other users. (Okay, its a weak analogy.) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NAI Labs Phone: +1 443-259-2352 Email: lewis@tislabs.com You fly too often when ... the airport taxi is on speed-dial. Opinions expressed are property of my evil twin, not my employer.