
Re: DNSCurve vs. DNSSEC - FIGHT! (was OpenDNS today announced it has adopted DNSCurve to secure DNS)

2010-03-01 16:15:34
Wassim Haddad wrote:

I don't know what EV means, but anything human, including CA, is not
infallible, which is why PKI is insecure.

=> Can you please explain in a few lines what your preference(s) would be for
a solution to enable DNSsec?
I apologize if you have already submitted a proposal about it which I must
have missed... in which case, I would appreciate a pointer.

If you are talking about a technical mechanism not to cause message
size overflow beyond 512B even with 2048bit keys, the solution is
to use different RR types for different kinds of keys, which I
proposed more than 15 years ago in draft-ohta-simple-dns-00:

   In general, data size for authentication is often as large as 100
   bytes or more.  So, it is a bad idea to share a single RR type value
   between different authentication mechanisms, because querying them
   all will often break the 512 byte limit of UDP query.  So, authentication
   algorithms are distinguished by RR type values, not by something like
   an algorithm type field.

It's crazy to share an RR type between ZSK and KSK.

For key roll over, different RR types should be used for even and
odd generations. You may also use elliptic curve cryptography,
though I don't prefer it.

But, later, I noticed fundamental fraud in PKI, against which no
technical solution exists. Note that separation of ZSK and KSK
was an impossible attempt to make inherently insecure PKI less
insecure.

                                                Masataka Ohta


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
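The size argument above can be checked with the wire format rather than argued about. The following is an added example, not code from Ohta, from draft-ohta-simple-dns-00, or from any DNSSEC implementation: it assembles answer sections from the RFC 4034 DNSKEY/RRSIG layout and the RFC 3110 RSA key encoding, then compares a shared RR type (every key returned on one query) with one RR type per key (one key returned per query) against the 512-byte UDP limit. The zone name example.com., the key sizes, the placeholder key and signature bytes, algorithm number 8, and the helper names are all constructed for the demonstration; the split-type responses keep the DNSKEY RDATA layout only so that the sizes are comparable, which is an assumption, not the draft's format.

```python
import struct

UDP_LIMIT = 512          # plain DNS over UDP without EDNS0 (RFC 1035 section 2.3.4)
TYPE_DNSKEY, TYPE_RRSIG = 48, 46
FLAGS_KSK, FLAGS_ZSK = 257, 256   # RFC 4034 flags: zone key, with / without the SEP bit
OWNER_PTR = b"\xc0\x0c"           # compression pointer to the QNAME at offset 12


def name_wire(name):
    """Uncompressed RFC 1035 wire form of a domain name."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        out.append(len(label))
        out += label.encode("ascii")
    out.append(0)
    return bytes(out)


def rsa_key_field(bits, exponent=b"\x01\x00\x01"):
    """RFC 3110 public key field: exponent length, exponent, modulus.
    The modulus is a constructed placeholder; only its length matters here."""
    return bytes([len(exponent)]) + exponent + b"\xaa" * (bits // 8)


def dnskey_rr(bits, flags, algorithm=8, ttl=3600):
    """One DNSKEY RR in an answer section: 2-octet owner pointer, then
    TYPE, CLASS, TTL, RDLENGTH and the RFC 4034 RDATA (flags, protocol 3,
    algorithm, public key)."""
    rdata = struct.pack("!HBB", flags, 3, algorithm) + rsa_key_field(bits)
    return OWNER_PTR + struct.pack("!HHIH", TYPE_DNSKEY, 1, ttl, len(rdata)) + rdata


def rrsig_rr(signer, signer_bits, type_covered=TYPE_DNSKEY, algorithm=8, ttl=3600):
    """RRSIG over the answered RRset.  The fixed RDATA part is 18 octets, the
    signer's name may not be compressed (RFC 4034 section 3.1.7), and an RSA
    signature is as long as the signer's modulus (placeholder bytes here)."""
    labels = len(signer.rstrip(".").split("."))
    fixed = struct.pack("!HBBIIIH", type_covered, algorithm, labels, ttl, 0, 0, 0)
    rdata = fixed + name_wire(signer) + b"\xbb" * (signer_bits // 8)
    return OWNER_PTR + struct.pack("!HHIH", TYPE_RRSIG, 1, ttl, len(rdata)) + rdata


def response_size(qname, answer_rrs):
    """Header (12) + question (QNAME, QTYPE, QCLASS) + answer section."""
    return 12 + len(name_wire(qname)) + 4 + sum(len(rr) for rr in answer_rrs)


def shared_type_response(zone, ksk_bits, zsk_bits, generations=1):
    """Every key shares one RR type (DNSSEC's DNSKEY), so one query returns
    the whole set: KSK and ZSK of each live generation, plus one RRSIG per
    KSK over the RRset (two generations = a double-signature rollover)."""
    rrs = []
    for _ in range(generations):
        rrs += [dnskey_rr(ksk_bits, FLAGS_KSK), dnskey_rr(zsk_bits, FLAGS_ZSK)]
    rrs += [rrsig_rr(zone, ksk_bits) for _ in range(generations)]
    return response_size(zone, rrs)


def split_type_response(zone, key_bits, flags, signer_bits=None):
    """One key per RR type (KSK vs ZSK, even vs odd generation), so a query
    for one type returns a single key, optionally with one RRSIG over it."""
    rrs = [dnskey_rr(key_bits, flags)]
    if signer_bits:
        rrs.append(rrsig_rr(zone, signer_bits))
    return response_size(zone, rrs)


def fits_udp(size):
    return size <= UDP_LIMIT


if __name__ == "__main__":
    zone = "example.com."   # constructed zone name
    cases = {
        "shared type, 2048 KSK + 1024 ZSK":       shared_type_response(zone, 2048, 1024),
        "shared type, same during rollover (x2)": shared_type_response(zone, 2048, 1024, 2),
        "own type, 1024 ZSK signed by 2048 KSK":  split_type_response(zone, 1024, FLAGS_ZSK, 2048),
        "own type, 2048 KSK self-signed":         split_type_response(zone, 2048, FLAGS_KSK, 2048),
        "own type, 2048 KSK, no self-signature":  split_type_response(zone, 2048, FLAGS_KSK),
    }
    for label, size in cases.items():
        print(f"{label:42s} {size:5d} bytes  {'ok' if fits_udp(size) else 'over 512'}")
```

Run stand-alone, the shared-type answer for one 2048-bit KSK plus one 1024-bit ZSK already passes 512 bytes once its RRSIG is counted, and doubles again during a rollover, whereas the per-type ZSK answer stays under the limit. The numbers also show the caveat: a 2048-bit RSA key returned together with a 2048-bit RSA signature over itself is over the limit on its own, so splitting types only keeps the KSK answer under 512 bytes if that key is authenticated some other way (for instance by the parent) or a shorter signature algorithm is used.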