To: keydist@cafax.se
From: Jakob Schlyter <jakob@crt.se>
Date: Wed, 9 Jan 2002 21:47:01 +0100 (CET)
Sender: owner-keydist@cafax.se
Subject: BOUNCE keydist@cafax.se: Non-member submission from [Keith Moore<moore@cs.utk.edu>] (fwd)

Approve: appkey
Received: from astro.cs.utk.edu (astro.cs.utk.edu [160.36.58.43])
    by nic.cafax.se (8.12.1/8.12.1) with ESMTP id g09Jk1C2007186
    for <keydist@cafax.se>; Wed, 9 Jan 2002 20:46:02 +0100 (MET)
Received: from astro.cs.utk.edu (localhost [127.0.0.1])
    by astro.cs.utk.edu (cf 8.9.3) with ESMTP id g09Jjwi24666;
    Wed, 9 Jan 2002 14:45:58 -0500 (EST)
Message-Id: <200201091945.g09Jjwi24666@astro.cs.utk.edu>
X-URI: http://www.cs.utk.edu/~moore/
From: Keith Moore <moore@cs.utk.edu>
To: Ted.Hardie@nominum.com
cc: Keith Moore <moore@cs.utk.edu>, Edward Lewis <lewis@tislabs.com>,
    keydist@cafax.se
Subject: Re: From whence we came...
In-reply-to: Your message of "Wed, 09 Jan 2002 11:10:52 PST."
    <20020109111052.B67743@shell.nominum.com>
Date: Wed, 09 Jan 2002 14:45:58 -0500
Sender: moore@cs.utk.edu

> I think this is a valid point. The way I wrap that in my head is:
>
> DNSSEC helps you to know that the materials you got from the wallet
> were the materials that the owner put in there.

this is only true if you trust DNSSEC, and DNSSEC seems to assume a
trust model that not everyone would consider valid.

this is fine if you don't make DNSSEC an inherent part of the trust
chain. it's not fine if you design a system that requires that
everyone that uses it place trust in DNSSEC.

put another way: if the system assumes that DNSSEC is *the* only way
to make verifiable assertions about identity, it's broken. if the
system allows DNSSEC as *a* way to make verifiable assertions about
identity, with other ways allowed also, that's a Good Thing.

Keith