On Sat, Jan 4, 2014 at 2:42 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote:

> ... A substantive comment that argues that DANE adds
> nothing new to SMTP would begin by explaining in detail how SMTP
> to MX TLS security is possible without DNS data integrity (thus
> making it possible to not trust the root zone signature or any
> additional trust-anchors for critical peer domains).

Bingo! DNS cannot be trusted. Pushing keys and configuration into DNS is just moving the key distribution problem around.

Consider: 10 of the 13 DNS roots are controlled by the US. You probably can't even form a quorum and get a good answer with colluding enemies. And good luck getting an authoritative response from a non-US server.

Practice diversification techniques like continuity and perspectives. Limit or remove trust, as it's nearly meaningless in the context of security. (Some say trust is what is used when there are no security controls to place.)

Jeff