To: Simon Josefsson <simon+keydist@josefsson.org>
cc: Keith Moore <moore@cs.utk.edu>, keydist@cafax.se
From: Keith Moore <moore@cs.utk.edu>
Date: Wed, 09 Jan 2002 16:42:47 -0500
In-reply-to: Your message of "Wed, 09 Jan 2002 22:28:57 +0100." <ilu4rlvfc2u.fsf@josefsson.org>
Sender: owner-keydist@cafax.se
Subject: Re: RESCAP/RC: an alternative to key distribution using DNS

> From browsing the specification, it seems as it has the same problems
> that using SRV records to find LDAP servers that hold keying material
> has -- this problem has been explained a few times [1], but a short
> recap: The problem is that there is no (secure) coupling between the
> hostname (or URI in the case of RESCAP) and the keying material
> eventually looked up.

Server certificates used in SSL don't have a secure coupling either.
Trust in an SSL cert requires trust in the CA that signed the cert.
If the client has reason to trust the CA for that purpose, this is 
perfectly satisfactory; if the client doesn't trust the CA, then the
cert does not establish the identity of the server to the 
satisfaction of the client.

The same would be true of DNSSEC - the fact that a DNS RR was signed
using DNSSEC does not axiomatically mean that the client should consider
that signature trustworthy.  It depends on whether the client trusts
the chain of authorities that validate that signature for the particular
purpose the client has in mind.

You can think of RESCAP as a fancy and more flexible DNS-like service.
A SRV RR pointing to a RESCAP server is no less secure than an 
NS RR pointing to a DNS server.  Either RR could be signed by DNSSEC, 
but that doesn't necessarily provide a "secure coupling" (for the 
client's purpose) in either case.

Keith
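The purpose-scoped trust decision Keith describes (a chain that validates cryptographically but is only meaningful if the client trusts its root for the purpose at hand) as an added example that is not part of the original thread. The HMAC stand-in for a real asymmetric signature, the authority names, the sample chain and the trust-store layout are all constructed assumptions so the code runs offline.

```python
"""Purpose-scoped trust-anchor evaluation.

A chain of signed assertions (a TLS cert chain, a DNSSEC chain, or an SRV
record pointing at a RESCAP server) is walked from leaf to root. Every
signature must verify AND the root must appear in the client's trust store
for the purpose being asked about. Signing here is HMAC with a per-issuer
key that the verifier also holds; this is a stand-in assumption so the
example is self-contained, not a model of real PKI or DNSSEC key handling.
"""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Assertion:
    subject: str      # who/what is being described, e.g. "mail.example.org"
    issuer: str       # authority that signed this assertion
    payload: str      # the claim: a key fingerprint, an SRV target, ...
    signature: bytes


# Constructed sample authority keys (assumption; not real keys).
AUTHORITY_KEYS = {
    "dns-root": b"dns-root-secret",
    "example-org": b"example-org-secret",
}


def _digest(subject, issuer, payload, key):
    msg = "\n".join((subject, issuer, payload)).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def sign(subject, issuer, payload):
    """Issuer signs an assertion about subject (stand-in signature scheme)."""
    return Assertion(subject, issuer, payload,
                     _digest(subject, issuer, payload, AUTHORITY_KEYS[issuer]))


def signature_valid(a):
    """True only if the named issuer's key reproduces the signature."""
    key = AUTHORITY_KEYS.get(a.issuer)
    if key is None:
        return False
    expected = _digest(a.subject, a.issuer, a.payload, key)
    return hmac.compare_digest(a.signature, expected)


def chain_is_trusted(chain, trust_store, purpose):
    """chain: assertions ordered leaf -> root, each issued by the next one.
    trust_store: {root_name: set_of_purposes} chosen by the client.
    Returns (accepted, reason)."""
    for i, a in enumerate(chain):
        if not signature_valid(a):
            return False, "bad signature on %s" % a.subject
        if i + 1 < len(chain) and chain[i + 1].subject != a.issuer:
            return False, "%s names issuer %s but next link is %s" % (
                a.subject, a.issuer, chain[i + 1].subject)
    root = chain[-1]
    if root.subject != root.issuer:
        return False, "chain does not end in a self-signed root"
    if purpose not in trust_store.get(root.subject, set()):
        # Cryptographically fine, but the client never agreed to let this
        # root vouch for this purpose: no "secure coupling" for the client.
        return False, "root %s not trusted for %s" % (root.subject, purpose)
    return True, "ok"


# Constructed sample chain: a host key fingerprint asserted by the zone
# operator, whose key is asserted by the DNS root, which is self-signed.
SAMPLE_CHAIN = [
    sign("mail.example.org", "example-org", "fp:constructed-host-key"),
    sign("example-org", "dns-root", "fp:constructed-zone-key"),
    sign("dns-root", "dns-root", "fp:constructed-root-key"),
]

# The client trusts dns-root to map names to hosts, not to vouch for
# end-user encryption keys.
CLIENT_TRUST_STORE = {"dns-root": {"name-resolution"}}


def demo():
    ok_for_names = chain_is_trusted(SAMPLE_CHAIN, CLIENT_TRUST_STORE, "name-resolution")
    ok_for_keys = chain_is_trusted(SAMPLE_CHAIN, CLIENT_TRUST_STORE, "email-key")
    tampered = [Assertion(SAMPLE_CHAIN[0].subject, SAMPLE_CHAIN[0].issuer,
                          "fp:attacker-key", SAMPLE_CHAIN[0].signature)] + SAMPLE_CHAIN[1:]
    tampered_result = chain_is_trusted(tampered, CLIENT_TRUST_STORE, "name-resolution")
    return ok_for_names, ok_for_keys, tampered_result


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The same chain is accepted for one purpose and rejected for another without any signature failing, which is the distinction the message draws: DNSSEC or a CA signature answers "was this signed by that authority?", while the trust store answers "does this client let that authority speak to this question?".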