To: keydist@cafax.se
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Tue, 26 Mar 2002 15:18:17 -0500
In-reply-to: Your message of "Mon, 25 Mar 2002 16:44:09 PST." <20020325164409.C39944@shell.nominum.com>
Sender: owner-keydist@cafax.se
Subject: Re: My take on the BoF session
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Ted" == Ted Hardie <Ted.Hardie@nominum.com> writes:
Ted> It is easy to fall into thinking that having a data integrity check
Ted> for the data in a zone (which is what DNSSEC provides) creates a sort
Ted> of universal root for any chain of trust. If you trust the data in
Ted> the DNS, after all, it seems obvious that you should put any data you
Ted> need to trust into the DNS. The problem is, though, that the trust
Ted> model for the DNS (hierarchical up to the root or a known key) doesn't
Ted> necessarily match the trust model for an application. I am far from
Ted> an expert on trust models, but it does seem to me that the trust model
Ted> for an ad-hoc VPN and the trust model for secure Internet Fax are
Ted> different, and it doesn't surprise me a whole lot to discover that the
Ted> security folk get shivers up the spine when we aren't careful in
Ted> distinguishing the two.
Yes, it is true that there are applications for which the DNSSEC trust model
is wrong. There are many applications that use DNS to map names->IP as their
primary trust model.
For opportunistic encryption uses, I fail to see how the DNS trust model is
anything but appropriate. There is no additional trust. This is not a VPN, so
it really doesn't matter whether or not Schiller owns his reverse map.
For the SSH case, the name->IP mapping is the primary trust model now, and
we aren't degrading that any by providing the host key in the forward map.
For email, well. I dunno. DNS is probably the wrong solution.
There is some view that putting keys in DNS is going to be the only form
of key distribution. There are no proposals to kill LDAP, PKIX, etc.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys
iQCVAwUBPKDXh4qHRg3pndX9AQEkBgQA4yZ9kZQbZVUteyS/AqHIgVzkwFnVVRa1
dowvQhwSXz0E9MVK0oqW0FN5A/Ks7Y8ywzx+dUCtpNMenTlDI30p9TL8XxEON70h
GMuMZYx8xD6c6sLh68DMu88MndbGCuuCnzimCDG5PMC7izxnU3JXyB57+XQVEgDI
Fra3sxvgRpU=
=yooM
-----END PGP SIGNATURE-----