To: Greg Hudson <ghudson@MIT.EDU>
cc: Mats Dufberg <dufberg@telia.net>, keydist@cafax.se
From: Keith Moore <moore@cs.utk.edu>
Date: Mon, 14 Jan 2002 14:12:24 -0500
In-reply-to: Your message of "Mon, 14 Jan 2002 12:57:08 EST." <Pine.LNX.4.30L.0201141247410.2332-100000@error-messages.mit.edu>
Sender: owner-keydist@cafax.se
Subject: Re: RESCAP/RC: an alternative to key distribution using DNS
> > On Jan 10, 2002, 20:09 (-0500) Greg Hudson <ghudson@MIT.EDU> wrote:
> >
> > > I'm a little leery of this approach; it means that the same private key
> > > has to be used to sign both DNS and non-DNS data. Maybe that's okay, but
> > > it sounds like a violation of
> [Hm, I trailed off here. "a violation of good security principles."]
> >
> > No, you could use a separate key for signing application keys.
>
> Uh, no; you must be misunderstanding something (and you certainly aren't
> being very explicit). To recap, here are the incompatible constraints:
>
> 1. (Mine) We have to be able to establish a security chain from the DNS
> root to the application data,

agree with this part...

> such that a client which starts out
> knowing only the public key of the DNS root can securely associate
> application data with DNS names.

... but it doesn't imply the second part. no client should axiomatically
trust "the public key of the DNS root" - that's investing far too much
trust in one organization. it would be completely irresponsible for IETF
to recommend that clients invest such trust. nor does trust in the root
(or any zone) imply that the zones under it should be trusted. instead,
clients need to be configurable as to which public keys they trust, and
for what purposes. there's no getting around this.

> 2. (Mine) We can't use the same key to sign DNS and non-DNS data. (That
> is, if a private key is accessible to whoever signs a DNS zone, it
> shouldn't also be accessible to whoever signs a RESCAP data set or
> whatever.)

just curious, why do you say this? as long as the signatures are made by
the same party, why shouldn't the same private key be used?

> 3. (Keith's) We can't have any keys or key fingerprints in DNS except
> for the KEY records which protect DNS data.

that's not what I said. I don't claim to know enough about DNSSEC to
specify exactly how the keys or fingerprints should be stored, but I do
know enough about NAPTR to know that they don't belong there.
Keith