
Re: DNSSEC - Signature Only vs the MX/A issue.



christian, your words echo some i heard recently from stuart cheshire:

> Suppose someone is trying to secure a transaction with "www.example.com".
> In practice, they will use some form of end-to-end security, TLS or SSL, as
> in "https://www.example.com".  The end-to-end security should provide a
> proof that they are communicating with the real "www.example.com".

there are at least two problems with this approach.  one is, tls/ssl is not
a lightweight device:  not all of us want to use tcp for all transactions,
and many of us want to be able to virtualize many domain names on a single
ip address.  the other is, ssl/tls depends in practice upon x.509, which is
outside of "the internet" for all practical terms.  the internet ought to be
able to do this kind of security for itself.

so, here's what i told stuart cheshire: if you believe that the web is all
there is to the internet, or you believe that the approach taken for securing
https/imaps/smtps is appropriate for all future applications/protocols used
on the internet, then it's natural that you would think ssl/tls/x509 is all
we need.  i do not think that the ssl/tls/x509 model is futureproof, and so
i think that we need something else, something more internet-like.

to understand what i mean, consider the number of e-mail transactions which
will be carried by smtp this year and this decade, compared to smtps.  the
insecurity does not lead to migration of mail toward the tls/ssl/x509 model;
rather, it leads to e-mail reputation systems, spam filtering, and phishing
attacks worth USD$100B/year.  as long as we're using domain names as unique
endpoint identifiers and as universal service locators, the world will suffer
from any lack of security in the dns infrastructure, and in the continuing
lack of confidence in end-to-end dns data.

the fact that x509 is an industry which funnels a large amount of money to
a small number of toplevel key repositories who are themselves chosen by web
browser vendors, means that there are financial scaling problems in the x509
model that are at least as compelling as the technological scaling problems.
with x509, "effective and usable security" can never become the default, it
will always be a premium service with a high cost of entry, used only when
other money is at stake (like when entering credit card numbers).  that isn't
the kind of internet or the kind of world we ought to be trying to make.

paul

--
archive: <http://ops.ietf.org/lists/namedroppers/>