To:
dnssec@cafax.se
From:
Dan Massey <masseyd@isi.edu>
Date:
Tue, 7 Aug 2001 09:07:02 -0400
Content-Disposition:
inline
Delivery-Date:
Wed Aug 8 15:47:12 2001
In-Reply-To:
<v03130304b7956f9702ae@[217.33.137.162]>; from lewis@tislabs.com on Tue, Aug 07, 2001 at 06:15:20AM -0400
Sender:
owner-dnssec@cafax.se
User-Agent:
Mutt/1.2.5i
Subject:
Re: IETF: Goal & resolving discussion for this evening.
Hi, Since possible topics are being discussed, I'd like to suggest that we consider some threats in more detail. Groups of people have discovered "interesting" things when discussing specific DNSSEC deployment scenarios. I'd like to discuss some specific attack scenarios and try to illustrate how DNSSEC would (or would not) help. I suspect we would learn some things about DNSSEC. Also, it might be better to air this in the dnssec group so we don't inadvertently create a how to attack DNS tutorial... If you think this would be useful, can you think of specific threat that DNSSEC will (or will not) counter? Are you willing to explain how DNSSEC does it and why DNSSEC is the best way to counter this threat? For example, suppose someone is running dnsspoof on the wireless network. Assuming DNSSEC was deployed, what is a scenario where we would we gain something with DNSSEC? Is this gain worthwhile and why is DNSSEC the best way to achieve this gain? Dan On Tuesday, August 07, 2001 at 06:15AM, Ed Lewis wrote: | At 5:53 AM -0400 8/7/01, Russ Mundy wrote: | >thursday dnsext meeting. Since we'll be meeting after dnsop WG mtg, things | >related to that group should be posted on the dnsop mail list. | | To clarify on schedule - the DNSOP ends at 1645 and there is a session from | 1700-1800. We meet at 1830. | | Also, I do agree that this type of discussion is off-topic for the status | meeting but it is a good discussion to have while we are here. | | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Edward Lewis NAI Labs | Phone: +1 443-259-2352 Email: lewis@tislabs.com | | You fly too often when ... the airport taxi is on speed-dial. | | Opinions expressed are property of my evil twin, not my employer. |