Andrew Sullivan wrote:

>>>With DNSSEC, a security aware resolver will want to check the signature.

>>Except for glue A.
 
> That's not a vector for attack.

Glue is the vector for most, if not all, attacks including
Kaminsky's and DNSSEC with forged certificates.

> If you are validating data, why would
> you not follow the chain to the glue record (secured on each side of
> _that_ cut by the DS/DNSKEY pairs) and validate the signature on the
> authoritative data you get?

Following the chain over a forged certificate to confirm
forged data have valid signatures?

Or, what if the glue is inside a grandchild zone on which no
nameservers are responding?

When DNSSEC was designed, I pointed out several detailed
but fatal problems including that glue cannot be secured.
The WG had a different fantasy. The WG wasted about 10 years
for experimental deployment only to confirm that I have been
perfectly correct and the protocol was modified.

So, you don't have to waste yet another 10 years only to
reconfirm it.

Just accept the current DNSSEC protocol:

>>>With DNSSEC, a security aware resolver will want to check the signature.
>>Except for glue A.

which makes DNSSEC as insecure as plain old DNS.

                                                Masataka Ohta
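As an added illustration (not part of this thread, and not any real resolver's code), the toy model below walks through the validation flow the two posts are arguing about: the glue A record is unsigned and serves only as a hint for reaching the child zone, while the nameserver's authoritative A record is checked through the DS -> DNSKEY -> RRSIG chain, and the resolver fails closed when the chain breaks or no server answers. HMAC tags stand in for RRSIG/DNSKEY/DS so it runs offline; every key, name and address is constructed.

```python
import hashlib
import hmac

# Constructed stand-ins: an HMAC tag plays the role of RRSIG, the key of DNSKEY,
# and sha256(key) of the DS record. Nothing here is real DNSSEC wire format.
def sign(zone_key, name, rtype, rdata):
    return hmac.new(zone_key, f"{name}/{rtype}/{rdata}".encode(), hashlib.sha256).hexdigest()

def verify(zone_key, name, rtype, rdata, sig):
    return hmac.compare_digest(sign(zone_key, name, rtype, rdata), sig)

PARENT_KEY = b"parent-key (constructed)"    # trust anchor for this toy
CHILD_KEY = b"child-key (constructed)"
ATTACKER_KEY = b"attacker-key (constructed)"
NS_NAME = "ns1.child.example"               # constructed nameserver name

def make_child_zone(key, ns_addr):
    # The child zone as served by some host: its DNSKEY plus the signed A of its NS
    return {"dnskey": key, "a": (ns_addr, sign(key, NS_NAME, "A", ns_addr))}

def make_delegation(glue_addr):
    # Parent-side referral: the DS is signed by the parent, the glue A is NOT signed
    ds = hashlib.sha256(CHILD_KEY).hexdigest()
    return {"ns": NS_NAME, "glue": glue_addr, "ds": ds,
            "ds_sig": sign(PARENT_KEY, "child.example", "DS", ds)}

def validate_ns_address(delegation, hosts):
    """Return ("secure", addr) only when the NS address is proven through the
    DS -> DNSKEY -> RRSIG(A) chain; glue is used solely as an unauthenticated hint.
    `hosts` maps an address to the zone data the server at that address returns."""
    d = delegation
    if not verify(PARENT_KEY, "child.example", "DS", d["ds"], d["ds_sig"]):
        return ("bogus", None)            # parent-side DS tampered with
    zone = hosts.get(d["glue"])           # follow the (untrusted) glue hint
    if zone is None:
        return ("unreachable", None)      # no server answers: fail closed, never trust glue
    if hashlib.sha256(zone["dnskey"]).hexdigest() != d["ds"]:
        return ("bogus", None)            # served key is not the one the parent vouched for
    addr, sig = zone["a"]
    if not verify(zone["dnskey"], NS_NAME, "A", addr, sig):
        return ("bogus", None)            # signature on the authoritative A does not verify
    return ("secure", addr)               # may differ from the glue: the glue was wrong
```

When the glue points at a host that replays the genuine signed records, the validated address (not the glue) is what the resolver keeps; when it points at a host signing with its own key, the DS mismatch makes the answer bogus rather than accepted.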

_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf