To:
sommerfeld@orchard.arlington.ma.us
cc:
"Mike Petkevich" <michael_petkevich@bmc.com>, "Keith Moore" <moore@cs.utk.edu>, "Edward Lewis" <lewis@tislabs.com>, keydist@cafax.se
From:
Keith Moore <moore@cs.utk.edu>
Date:
Tue, 26 Mar 2002 13:09:21 -0500
In-reply-to:
(Your message of "Tue, 26 Mar 2002 00:03:57 EST.") <20020326050403.2CCDB2A4E@orchard.arlington.ma.us>
Sender:
owner-keydist@cafax.se
Subject:
Re: My take on the BoF session
> Indeed. and those who reject systems which wish to bootstrap off > secured dns out of hand are not letting the user make this informed > decision. as I see it, there are three major problems with this approach: 1. unconditionally representing this as a security improvement and not informing the user about the limitations of this approach - and in particular, about the degree of trust that this invests in the root and higher-level zones. 2. trusting DNS "by default" - i.e. presuming the user's choice. 3. building a system that is so inflexible that it doesn't support other trust models. all of these problems can be fixed. the desire to fix these problems should not be considered as 'rejecting' the approach. Keith