To:
keydist@cafax.se
From:
Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date:
Tue, 26 Mar 2002 15:18:17 -0500
In-reply-to:
Your message of "Mon, 25 Mar 2002 16:44:09 PST." <20020325164409.C39944@shell.nominum.com>
Sender:
owner-keydist@cafax.se
Subject:
Re: My take on the BoF session
-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Ted" == Ted Hardie <Ted.Hardie@nominum.com> writes:

    Ted> It is easy to fall into thinking that having a data integrity check
    Ted> for the data in a zone (which is what DNSSEC provides) creates a sort
    Ted> of universal root for any chain of trust. If you trust the data in
    Ted> the DNS, after all, it seems obvious that you should put any data you
    Ted> need to trust into the DNS. The problem is, though, that the trust
    Ted> model for the DNS (hierarchical up to the root or a known key) doesn't
    Ted> necessarily match the trust model for an application. I am far from
    Ted> an expert on trust models, but it does seem to me that the trust model
    Ted> for an ad-hoc VPN and the trust model for secure Internet Fax are
    Ted> different, and it doesn't surprise me a whole lot to discover that the
    Ted> security folk get shivers up the spine when we aren't careful in
    Ted> distinguishing the two.

Yes, it is true that there are applications for which the DNSSEC trust
model is wrong.

There are many applications that use DNS to map names->IP as their
primary trust model.

For opportunistic encryption uses, I fail to see how the DNS trust model
is anything but appropriate. There is no additional trust. This is not a
VPN, so it really doesn't matter whether or not Schiller owns his reverse
map.

For the SSH case, the name->IP mapping is the primary trust model now,
and we aren't degrading that any by providing the host key in the forward
map.

For email, well. I dunno. DNS is probably the wrong solution.

There is some view that putting keys in DNS is going to be the only form
of key distribution. There are no proposals to kill LDAP, PKIX, etc.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPKDXh4qHRg3pndX9AQEkBgQA4yZ9kZQbZVUteyS/AqHIgVzkwFnVVRa1
dowvQhwSXz0E9MVK0oqW0FN5A/Ks7Y8ywzx+dUCtpNMenTlDI30p9TL8XxEON70h
GMuMZYx8xD6c6sLh68DMu88MndbGCuuCnzimCDG5PMC7izxnU3JXyB57+XQVEgDI
Fra3sxvgRpU=
=yooM
-----END PGP SIGNATURE-----