On 10/02/2010 03:16 PM, Ben Laurie wrote:
> On 1 October 2010 16:15, Phillip Hallam-Baker<hal...@gmail.com> wrote:
>> The problem with that approach is that the attacker now has two
>> infrastructures that they can attack rather than just one.
> If I deploy the DNS solution, stating that DNS is authoritative, then
> my attack surface now excludes all CAs. How is that an increase in
> attack surface?
> Contrast with today's situation, where my attack surface is increased
> on a regular basis by the introduction of new CAs, without any
> consultation with me at all.
The thing we have to keep in mind here is that this "attack surface"
is largely determined on the client side of the equation. In other words, if
you attempt to set policy through DNS, it only applies to clients who
choose to respect it. And clients do have that annoying habit of not
consulting the server admins (or the users for that matter) before
changing their trust. We can blame Netscape, they intentionally set it
up this way (and are no longer around to defend themselves).
How much consistency is there in the current crop of PKI rules? What if
DNSSEC info conflicts with other info?
Vendors of client software sometimes give themselves a root cert in the
client, or at least have a close relationship with some of their CAs.
There's a lot of money at stake, how eager will they be to allow sites
to opt-out of that trust? Some of them also sell TLS MitM interception
products.
The possibility that the bulk of clients will respect DNSSEC records
which cut their CAs out of the trust equation any time soon seems a bit
remote. We might as well be discussing the deprecation of SSLv3. It
could happen eventually, but probably not in the near term.
In the meantime, we'd end up with the DNS root effectively having the
power of yet another CA. Except that it's not, because the various arms
of ICANN and VeriSign/Symantec are probably already trusted many times over.
I've seen it said that during the pre-deployment phase, the designers
and promoters of DNSSEC denied they were making a replacement PKI. But
the discussion now is to what extent it is inevitable. Regardless, if
this is PKI 2.0 getting ready to usurp the throne, we should at least
ensure that it's a legitimately designed trust model this time rather
than stumbling into whatever serves to enable some set of business
agreements.
- Marsh
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop