To: Keith Moore <moore@cs.utk.edu>
cc: <keydist@cafax.se>
From: Greg Hudson <ghudson@MIT.EDU>
Date: Tue, 15 Jan 2002 00:45:24 -0500 (EST)
In-Reply-To: <200201142317.g0ENHJi00683@astro.cs.utk.edu>
Sender: owner-keydist@cafax.se
Subject: Trusting keys (was Re: looking for draft volunteers)
I don't know that this disagreement really affects what would go into an RFC coming out of this group, but regardless, it's still a very deep disagreement, so I'll devote some bandwidth to it.

On Mon, 14 Jan 2002, Keith Moore wrote:

> Quite honestly, there is no central authority in the Internet (or
> in the Real World) which everyone will (or should) trust absolutely.
>
> (And if you make it so attractive to attack the DNS root then it becomes
> even less trustworthy than it is now)

I don't really agree. A high-profile organization is usually easier to get information about and frequently has more accountability than a low-profile organization. To use the obvious example, nobody really likes Verisign, and their level of accountability is not as good as it ought to be, but the situation isn't so bad that people are credibly arguing for lots of lower-profile DNS roots for people to choose among.

> I think a single framework could accommodate the entire spectrum
> of trustworthiness vs. pre-verification. The real trick is to
> provide the user with enough information so that he doesn't place
> an inappropriate amount of trust in whatever keys he's getting.

I think that this is a very hard problem, similar to the problem of allowing multiple DNS roots without creating hopeless confusion. Moreover, even if we came up with a good solution, I think it would be interesting to a vanishingly small fraction of the people in the world who need computer security--much as PGP is interesting to a vanishingly small fraction of email users today.

(I'll also note that a DNSSEC-based trust framework does allow people to create islands of security which are independent of the DNS root. So that very small fraction of people isn't totally out of luck. DNSSEC does lack cross-certification, admittedly.)

Should we use DNSSEC-based trust for life-critical applications? Probably not (though I'm sure people will; heck, I'm sure people already do, even without DNSSEC).

Should we use DNSSEC to identify banks? Only sort of; you need out-of-band knowledge of what the bank's domain name is.

Should users and organizations be able to set up little islands and empires of trust which are independent of the DNSSEC trust hierarchy? Probably, but I wouldn't want that capability to delay or destroy the deployment of a common-case solution.