> On Nov 17, 2018, at 6:07 AM, Lanlan Pan <abby...@gmail.com> wrote:
> 
> And TLS's distributed certificate exchange may be better than DNSSEC's 
> centralized trust anchor.

In principle, yes, when one carefully selects just the appropriate
trust anchor(s) for a given task.  Some applications do use specific
trust-anchors (internal corporate CAs) at least some of the time.

[ FWIW, TLS is trust-model agnostic, it is the WebPKI that uses the
  usual panoply of CAs. ]

In practice, one generally uses the Mozilla or similar trust bundle,
and so it is still centralized, except that now the attacker has a
choice of multiple central authorities to compromise.

So most of the time the WebPKI is weaker, but you sometimes have
a choice when you can limit the set of peers with which you need
to communicate.

With DNSSEC, validating resolvers can also configure trust-anchors
at any point in the tree, which also allows for internal corporate
trust-anchors, and if some TLD or similar followed the RFC 5011 key
rollover process used at the root, one could also track the TLD's
keys independently of the delegation from ICANN, but AFAIK this is
not presently a common TLD practice.

-- 
        Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
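The two DNSSEC mechanisms mentioned in the message above (trust anchors configured at arbitrary points in the tree, and RFC 5011 automated tracking of a trust point's keys) can be illustrated with a small model. The code below is an added example, not part of the mailing-list post and not taken from any resolver's implementation. It assumes keys are identified by opaque string ids, that the caller has already checked the DNSKEY RRset signatures (signed by a currently trusted key, and every key carrying the REVOKE bit also self-signs the RRset, as RFC 5011 requires), and it uses the RFC 5011 default add and remove hold-down times of 30 days. The per-key state names follow RFC 5011 section 4.

```python
"""Simplified RFC 5011 trust-anchor tracking plus trust-point selection (added example)."""
from dataclasses import dataclass
from enum import Enum

DAY = 86400
ADD_HOLD_DOWN = 30 * DAY     # RFC 5011 default add hold-down time
REMOVE_HOLD_DOWN = 30 * DAY  # RFC 5011 default remove hold-down time


class State(Enum):
    START = "Start"        # never trusted; seen once and then vanished, or not yet seen
    ADD_PEND = "AddPend"   # seen in a validly signed RRset; hold-down clock running
    VALID = "Valid"        # usable trust anchor
    MISSING = "Missing"    # trust anchor absent from the last RRset, still usable
    REVOKED = "Revoked"    # REVOKE bit seen; waiting out the remove hold-down
    REMOVED = "Removed"    # forgotten


@dataclass
class KeyRecord:
    state: State
    since: int  # time in seconds at which the key entered its current state


class TrustAnchorTracker:
    """Tracks the DNSKEYs of one trust point (e.g. a TLD) the RFC 5011 way."""

    def __init__(self, initial_key_id, now):
        # The initial anchor is configured out of band and trusted immediately.
        self.keys = {initial_key_id: KeyRecord(State.VALID, now)}

    def trusted(self):
        """Key ids currently usable as trust anchors (Valid and Missing)."""
        return {k for k, r in self.keys.items()
                if r.state in (State.VALID, State.MISSING)}

    def state_of(self, key_id):
        rec = self.keys.get(key_id)
        return rec.state.value if rec else None

    def _set(self, key_id, state, now):
        self.keys[key_id] = KeyRecord(state, now)

    def observe(self, now, rrset):
        """Process one DNSKEY RRset observation.

        rrset maps key_id -> bool (REVOKE bit set). Assumption: the caller has
        verified the RRset is signed by a currently trusted key and that every
        revoked key also signs the RRset itself (RFC 5011 section 2.1).
        """
        for key_id, revoked in rrset.items():
            rec = self.keys.get(key_id)
            state = rec.state if rec else State.START
            if state in (State.START, State.ADD_PEND) and revoked:
                # A key that was never trusted cannot be revoked; drop it back to Start.
                self._set(key_id, State.START, now)
            elif state == State.START:
                self._set(key_id, State.ADD_PEND, now)  # start the add hold-down clock
            elif state == State.ADD_PEND:
                if now - rec.since >= ADD_HOLD_DOWN:
                    self._set(key_id, State.VALID, now)
            elif state in (State.VALID, State.MISSING):
                if revoked:
                    self._set(key_id, State.REVOKED, now)
                elif state == State.MISSING:
                    self._set(key_id, State.VALID, now)
            # Revoked and Removed keys stay put when seen again.

        for key_id, rec in list(self.keys.items()):
            if key_id in rrset:
                continue
            if rec.state == State.ADD_PEND:
                self._set(key_id, State.START, now)    # not seen continuously: restart
            elif rec.state == State.VALID:
                self._set(key_id, State.MISSING, now)  # abnormal, but still trusted

        # Revoked keys are forgotten after the remove hold-down, seen or not.
        for key_id, rec in list(self.keys.items()):
            if rec.state == State.REVOKED and now - rec.since >= REMOVE_HOLD_DOWN:
                self._set(key_id, State.REMOVED, now)


def closest_trust_point(qname, trust_points):
    """Return the configured trust point (zone) that most closely encloses qname.

    Names are absolute and dot-terminated ("corp.example.", "."). A validator
    with anchors at "." and "corp.example." starts the chain for
    "www.corp.example." at "corp.example.", not at the root.
    """
    stripped = qname.lower().rstrip(".")
    labels = stripped.split(".") if stripped else []
    candidates = {tp.lower() for tp in trust_points}
    for i in range(len(labels) + 1):
        zone = ".".join(labels[i:]) + "." if labels[i:] else "."
        if zone in candidates:
            return zone
    return None
```

The tracker only becomes safe in practice when the resolver polls the trust point at least every half hold-down period, as RFC 5011 requires; otherwise a key can drift between the Valid and Missing states unnoticed.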