To:
moore@cs.utk.edu (Keith Moore)
Cc:
rja@extremenetworks.com, keydist@cafax.se
From:
Bill Manning <bmanning@isi.edu>
Date:
Tue, 26 Mar 2002 13:09:38 -0800 (PST)
In-Reply-To:
<200203261955.g2QJt6t22420@astro.cs.utk.edu> from Keith Moore at "Mar 26, 2 02:55:06 pm"
Sender:
owner-keydist@cafax.se
Subject:
Re: My take on the BoF session
influence != dictate each child has a direct, causal relationship with its parent. if a majority of the children make a change, there is strong incentive for the parent to accomodate such changes as they impact the parent/child relationship. US DoD is one of ~300 tlds that might have a direct influence on the root. To my knowledge, none have the ability to dictate root key policies. % > If one considers the case of the US DoD (which % > conveniently has their own TLD, for historical reasons), % > and can strongly influence the root key's assurance properties, % > the scaling properties are even better than for a single % > subdomain. % % if the US DoD can dictate the root key's policies, IMHO that's % a very good reason to consider it untrustworthy. things that % the US government considers 'national security' interests % (and therefore worthy of DoD attention) are usually hostile to % other interests using DNS - often including the interests of % US citizens. % % OTOH if the US DoD wanted to invest trust in the .MIL key, % that's their own business. but an argument that dnssec gives % the US DoD the excuse to control the root is NOT an argument % in favor of increased reliance on dnssec. % % Keith % -- --bill