> That is, security of DNSSEC involves third parties and is not end
> to end.
That is indeed correct. An attacker can build a fake hierarchy of "secure DNS"
assertions and try to get it accepted. The attack can succeed with the
complicity of one of the authorities in the hierarchy. It is a classic "attack
by a trusted party".
Problem is, hop-by-hop security will not protect against an attack by an
intermediate authority. If an intermediate authority has been compromised, it
can just as well insert a fake NS record -- that's not harder than a fake
record signature. Hop-by-hop security will securely connect to the wrong name
server, to which the wrong NS record points...
-- Christian Huitema
_______________________________________________
Asrg mailing list
asrg@irtf.org
http://www.irtf.org/mailman/listinfo/asrg
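A toy model of the DNSSEC chain of trust, added here to illustrate the point made above; it is not part of the message nor of any real DNSSEC implementation. HMACs stand in for the public-key RRSIGs and a hash of the child's key stands in for the DS record (both simplifications are assumptions of this example). It shows that a validator rejects a delegation that no zone in the chain signed, but accepts whatever an authority in the chain vouches for, so its result is only as trustworthy as every zone above the record.

```python
import hashlib
import hmac
def ds_digest(child_name: str, child_key: bytes) -> str:  # parent-side DS: hash committing to the child's key
    return hashlib.sha256(child_name.encode() + child_key).hexdigest()
def sign(key: bytes, name: str, rtype: str, value: str) -> str:  # toy RRSIG (HMAC stands in for a public-key signature)
    return hmac.new(key, f"{name}|{rtype}|{value}".encode(), "sha256").hexdigest()
class Zone:  # a zone with its signing key and its signed records, keyed by (owner name, type)
    def __init__(self, name: str, key: bytes):
        self.name, self.key, self.records = name, key, {}
    def publish(self, name: str, rtype: str, value: str) -> None:
        self.records[(name, rtype)] = (value, sign(self.key, name, rtype, value))
    def delegate(self, child: "Zone") -> None:  # parent vouches for the child's key
        self.publish(child.name, "DS", ds_digest(child.name, child.key))
def validate(zones: dict, anchor_key: bytes, name: str, rtype: str) -> str:
    """Walk the chain root -> TLD -> ... -> owning zone; a zone's key is accepted only if
    the parent's own signed DS vouches for it, so the result is trusted transitively."""
    labels = name.split(".")
    chain = ["."] + [".".join(labels[i:]) for i in range(len(labels) - 1, 0, -1)]
    parent = None
    for zname in chain:
        zone = zones[zname]
        if parent is None and zone.key != anchor_key:
            raise ValueError("root key does not match the configured trust anchor")
        if parent is not None:
            ds, sig = parent.records[(zname, "DS")]
            if sig != sign(parent.key, zname, "DS", ds) or ds != ds_digest(zname, zone.key):
                raise ValueError(f"{parent.name} does not vouch for {zname}")
        parent = zone
    value, sig = parent.records[(name, rtype)]
    if sig != sign(parent.key, name, rtype, value):
        raise ValueError(f"bad signature on {name} {rtype}")
    return value
def demo() -> tuple:
    # Constructed hierarchy: . -> com -> example.com, with an honest A record.
    root, com, ex = Zone(".", b"root-key"), Zone("com", b"com-key"), Zone("example.com", b"example-key")
    root.delegate(com); com.delegate(ex)
    ex.publish("www.example.com", "A", "192.0.2.10")
    zones = {z.name: z for z in (root, com, ex)}
    honest = validate(zones, root.key, "www.example.com", "A")
    # An outsider who lacks com's key cannot re-delegate example.com: this is what DNSSEC catches.
    other = Zone("example.com", b"other-key")
    other.publish("www.example.com", "A", "198.51.100.1")
    com.records[("example.com", "DS")] = (ds_digest("example.com", other.key), "not-signed-by-com")
    try:
        validate({**zones, "example.com": other}, root.key, "www.example.com", "A"); outsider_ok = True
    except ValueError:
        outsider_ok = False
    # com itself vouching for the other key looks like a legitimate key rollover: no second source to check against.
    com.delegate(other)
    return honest, outsider_ok, validate({**zones, "example.com": other}, root.key, "www.example.com", "A")
```

The same transitive-trust argument applies to the NS records a parent publishes: a channel-secured hop to the server the parent names is still a hop to whatever server the parent chose.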