To:
Keith Moore <moore@cs.utk.edu>
Cc:
Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From:
Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
Date:
Mon, 25 Mar 2002 21:12:15 -0500
In-Reply-To:
Message from Keith Moore <moore@cs.utk.edu> of "Mon, 25 Mar 2002 20:56:06 EST." <200203260156.g2Q1u6t04164@astro.cs.utk.edu>
Reply-To:
sommerfeld@orchard.arlington.ma.us
Sender:
owner-keydist@cafax.se
Subject:
Re: My take on the BoF session
> > So, last I checked, the DNS root was *already* a critical service. > > Someone who can get bogus data into it can already cause no end of > > chaos. > > right, but placing an even greater trust it it does not seem wise. Ah, but in the case of ssh as deployed today, we aren't actually placing any greater trust in the DNS by putting application keys in the DNS, since ssh first-time-connects are already vulnerable to someone putting bogus data in the DNS! > I think it would more accurate to say that you are trying to increase > the difficulty of a MitM attack on ssh's initial key exchange (and > that of similar protocols), than that you are providing some level of > assurance. So, I don't quite care what you call it as long as it's clear that the goal is to pragmatically improve security. - Bill