To: Edward Lewis <lewis@tislabs.com>
cc: keydist@cafax.se
From: Keith Moore <moore@cs.utk.edu>
Date: Thu, 28 Mar 2002 14:39:56 -0500
In-reply-to: (Your message of "Thu, 28 Mar 2002 10:37:07 EST.") <v03130311b8c8e3ed7e65@[199.171.39.21]>
Sender: owner-keydist@cafax.se
Subject: Re: Let's assume DNS is involved
it's easy for this kind of conversation to lose sight of the obvious benefits of using DNSSEC in applications. e.g. if you want to use DNSSEC to thwart a known and widely-exploited attack on ssh initial key exchange (and that of similar protocols where you want to authenticate a host or service whose identity is associated with a DNS name), this is almost certainly a Good Idea.

If you want to trust a chain of DNSSEC signatures to establish the identity of a small subset of the DNS tree, this *might* be useful (though a mechanism for using DNS to find certificates would be more generally applicable, and probably less subject to misuse).

if you want to use a chain of DNSSEC signatures from the root down as a mechanism to establish trust in those initial keys, this is highly dubious at best, and quite possibly a Bad Idea.

if you want to use DNS as a means to help applications find certificates that will allow them to establish the identity of peers that are named using DNS names, this might be a Good Idea (provided you can avoid doing harm to DNS in the process). OTOH if you want to use a chain of DNSSEC signatures from the root down as a substitute for such certificates, this is highly dubious at best, and quite possibly a Bad Idea.

Keith