Thanks to Phillip for raising this point. On 01/26/2012 02:35 PM, Richard L. Barnes wrote: > Illegitimate transfers are out of scope. From the point of view of the DNS, > an illegitimate transfer is indistinguishable from a legitimate transfer.
eh? The whole point of this discussion, as i understand it, is supposed
to be to figure out a way that users and site administrators can tell
when something illegitimate is going on and have some protection from
attack.
Saying that a fraudulent or coerced DNS transition is "out of scope"
seems equivalent to saying "make the users and admins vulnerable to
attacks via DNS", in which case we might as well give up.
DNS is certainly not a shining beacon when it comes to resistance to
fraud or coercion. Let's not make it a single point of failure.
> The only thing technology could do for this case is allow the web site to
> tell customers "I'm not planning to change anything in the next N days". So,
> for instance cached DANE records or key pinning. First-time visitors with
> nothing cached are out of luck. Maybe you could have something of an
> observatory system for sharing the sort of information that other people have
> cached.
These are reasonable examples of things that a "right key" protocol
could do. There are probably more ideas people could come up with. Why
would these suggestions be out of scope?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ therightkey mailing list therightkey@ietf.org https://www.ietf.org/mailman/listinfo/therightkey
