On Fri, Jan 22, 2010 at 05:25:29AM +0900, Masataka Ohta wrote: > Andrew Sullivan wrote: > > > I fully agree. I just want to make sure we're not holding ourselves > > to an operational standard that is just impossible to reach. If we > > want "proof" and "facts" about whether something won't ever be > > compromised, > > Remember that DNSSEC was developed because it was believed to make > DNS proven to be secure.
You're equivocating on "proof" or "secure" or maybe both. DNSSEC allows you to prove that, assuming secure keys, you're getting the the correct (i.e. authoritatively-sourced) answer. It does not allow you to prove that the keys were handled properly, that Dr Evil hasn't taken over the authoritative machine, that we really are living in a Euclidean universe with the relevant mathematical structures, or that ChipManufactureCorp didn't have a serious bug that caused every cryptographic operation it ever does to be predictable. It also doesn't allow you to prove that Bishop Berkeley's metaphysics was wrong, such that you are in fact connecting to a computer somewhere out there in the world and not just a representation-of-foreign-computer in your consciousness. No other cryptographic proof can ever prove such things, either, since a cryptographic system invariably involves those nasty graphos, who are prone to making errors. Moreover, no existing system can prove that there is not an undiscovered vulnerability of an algorithm (though I understand there are proofs that, under known mathematical assumptions, some algorithms cannot be broken. That's not the same thing). If you wish otherwise, I think you are asking that Godel be proven wrong. If you dislike the word "prove" and cognates to be used for anything other than mathematical certainty, then I suggest you translate any use of "proof" that involves parts of the physical universe into some other term like "increased confidence in the empirico-statistical sense". A -- Andrew Sullivan a...@shinkuro.com Shinkuro, Inc. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop