David Conrad wrote:
>
> Phillip Hallam-Baker wrote:
> >
> > If a system is going to be robust in practice it has to take account
> > of all possible sources of error including administrative incompetence
> > and user error.
>
> I'm curious: where do you draw the line? Should routing system security
> be included? Email security (since many transactions relating to DNS
> zone administration occur via email)? Telephone? Etc.
>
> > Security that only looks at malice is brittle security.
>
> Security that looks at 'all possible sources of error' seems to me
> to be a halting state problem

Drawing a line amounts to sticking your head in the sand.

A chain is only as strong as its weakest link, and aside from wannabes,
determined attackers are *not* going to attack the strong pieces of the
technology, but turn the weak parts or the links between.

Using DNS names for authentication is the folly here. If we believe that
using DNS names for authentication, then we need to fix *all* parts of the
technology, including the administrative procedures for managing/delegating
DNS names.

-Martin

_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey