[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Evaluation: draft-ietf-secsh-dns - Using DNS to securely publish SSH key fingerprints
At Thu, 07 Aug 2003 12:13:24 -0400, Thomas Narten wrote:
>
> > Yes No-Objection Discuss Abstain
> > Thomas Narten [ ] [ ] [ X ] [ ]
>
> The approach suggested here shifts the burden of key checking from
> each user of a machine to the key checking performed by the
> administrator of the DNS recursive server used to resolve the host
> information. Hopefully, by reducing the number of times that keys
>
> Don't understand. Key checking is performed by software, not the
> administrator...
i don't seem to have received the message to which thomas's message
was a response, so i don't know to whom i'm speaking, but:
a) the main point of the secsh thing is to piggyback on the (as yet
nonexistant) dnssec infrastructure; there may be certain limited
scenrios in which one could use it without dnssec, but i'd prefer
not to go there
b) dnssec validation is performed by software, and that software is
not necessarily performed by a recursive name server, in fact there
are trust model issues with doing it that way. see
draft-ietf-dnsext-dns-threats-03.txt (blush)
c) checking the ssh key itself is presumably performed by whoever
inserted the ssh key into the dns in the first place (zone admin,
or secure dynamic update user, or ...)
i suspect that the original comment was thinking about (c).