KEYDIST mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Randy Bush <randy@psg.com>
Cc: keydist@cafax.se
From: Greg Hudson <ghudson@MIT.EDU>
Date: 31 Dec 2001 17:55:00 -0500
Delivery-Date: Mon Dec 31 23:55:10 2001
In-Reply-To: <E16L8YG-000MWK-00@rip.psg.com>
Sender: owner-keydist@cafax.se
Subject: Re: What are we trying to do?

On Mon, 2001-12-31 at 14:56, Randy Bush wrote:
> the apps folk have had two rrs added to the dns to supposedly meet their
> needs, srv and naptr.  if neither of these provides a way to form a safe
> security association, then one or both of them are broken and should be
> fixed.  what should not happen is adding more and more rrs (or overloading
> current ones) until they figure out how to get it right.

The NAPTR RFC has under security considerations:

   This document has discussed a way of locating a service, but has not
   discussed any detail of how the communication with that service takes
   place.  There are significant security considerations attached to the
   communication with a service.  Those considerations are outside the
   scope of this document, and must be addressed by the specifications
   for particular communication protocols.

It can hardly be said that the NAPTR RFC is "broken" for failing to do
something it ruled out of scope.  The SRV specification does not have
similar language, but it's clear that it, similarly, is not trying to
provide a secure association, merely a location.

If there were some established convention or rule that each area of the
IETF gets a very small quota of RR types, then I would agree that the
apps area never should have proposed both NAPTR or SRV, but instead
should have proposed a single RR type which does the job of both plus
security associations.  But I've certainly never heard of any such
convention; as such, blaming the apps area for not trying to solve this
problem in past RR specifications is pretty bizarre.

All that said, NAPTR is pretty flexible, and I'm sure there are ways we
could shoehorn a public key fingerprint in.  (I didn't particularly like
the way which was suggested here earlier, but there are other ways; for
instance, a new flag could be defined which signals the presence of a
key fingerprint.)  That would work nicely for ssh, for instance; you'd
get the server's public key the same way you do now, but you'd be able
to verify it using the NAPTR record in the DNS.  An attacker who can
subvert the DNS server would still have to conduct an active attack
against the ssh TCP connection to feed you the wrong key.

References:
- Re: What are we trying to do?
  - From: Randy Bush <randy@psg.com>
- Re: What are we trying to do?
  - From: David Conrad <david.conrad@nominum.com>
- Re: What are we trying to do?
  - From: Randy Bush <randy@psg.com>
- Re: What are we trying to do?
  - From: Simon Josefsson <simon+keydist@josefsson.org>
- Re: What are we trying to do?
  - From: Randy Bush <randy@psg.com>
- Re: What are we trying to do?
  - From: Simon Josefsson <simon+keydist@josefsson.org>
- Re: What are we trying to do?
  - From: Randy Bush <randy@psg.com>
- Re: What are we trying to do?
  - From: Simon Josefsson <simon+keydist@josefsson.org>
- Re: What are we trying to do?
  - From: Randy Bush <randy@psg.com>

Prev by Date: Re: Arguements on key distribution vs. DNS
Next by Date: Re: Arguements on key distribution vs. DNS
Prev by thread: Re: What are we trying to do?
Next by thread: Re: What are we trying to do?
Index(es):
- Date
- Thread

Home | Date list | Subject list