On Tue, 2009-06-02 at 22:38 +0900, Masataka Ohta wrote:
Yes, security of DNSSEC is totally hop by hop.
I am nervous of adding to this debate (and should it really be on ASRG?)
However, I think there is some difference in the way people are using
some terms. My understanding of the terms hop-by-hop and end-to-end is
A data item traverses a number of nodes within a network. (E.g. a UDP
datagram moving through an inter-network, or a Email message from its
submitting UA via a sequence of MTAs to the recipient's UA).
"End-to-end" security means that the security of that data item does not
depend on the trustworthiness of any intermediate node, or channel.
"Hop-by-hop" security means that you do rely on the trustworthiness of
the intermediate nodes and channels. (E.g. CRC provides no defence
against deliberate tampering, TLS for email is only as trustworthy as
the least trusted intermediate MTA).
PKI establishes a "chain of trust" between the signing certificate (i.e.
the certificate containing the public key corresponding to the private
key used to generate the signature) and your trust anchors (which you
choose). This is not really "hop-by-hop" as data is not hopping. Like a
real chain, it is only as strong as its weakest link. However, the chain
operates in a different 'space' from that used to transfer the data
As far as I understand, the key thing which DNSSEC gives you is data
origin authentication (although that by itself without data integrity
would be useless). The DNS attacks which were the start of the
discussion are all based on the attacker sending false data to the
system under attack. Having an effective means for determining from whom
data comes is necessary to overcome this kind of attack.
Asrg mailing list