
Re: [Asrg] DNSSEC is NOT secure end to end

2009-06-10 18:55:44
Andrew Sullivan wrote:

With DNSSEC, a security aware resolver will want to check the signature.

Except for glue A.
 
That's not a vector for attack.

Glue is the vector for most, if not all, attacks including
Kaminsky's and DNSSEC with forged certificates.

If you are validating data, why would
you not follow the chain to the glue record (secured on each side of
_that_ cut by the DS/DNSKEY pairs) and validate the signature on the
authoritative data you get?

Following the chain over a forged certificate to confirm
forged data have valid signatures?

Or, what if the glue is inside a grandchild zone on which no
nameservers are responding?

When DNSSEC was designed, I pointed out several detailed
but fatal problems including that glue cannot be secured.
The WG had a different fantasy. The WG wasted about 10 years
for experimental deployment only to confirm that I have been
perfectly correct and the protocol was modified.

So, you don't have to waste yet another 10 years only to
reconfirm it.

Just accept the current DNSSEC protocol:

With DNSSEC, a security aware resolver will want to check the signature.
Except for glue A.

which makes DNSSEC as insecure as plain old DNS.

                                                Masataka Ohta

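The signing rule behind "Except for glue A", as an added example that is not part of the original message: RFC 4035 section 2.2 has a signed parent zone sign only its authoritative RRsets, so the NS RRset at a zone cut and the glue addresses below it carry no RRSIG, while the DS RRset at the cut does. The zone `example.`, its records, and the helper names are constructed for illustration.

```python
# Added example: which RRsets in a signed parent zone carry RRSIGs
# (RFC 4035, section 2.2). All zone data below is constructed.

def labels(name):
    """Split an absolute domain name into lowercase labels; root is ()."""
    return tuple(l for l in name.lower().rstrip(".").split(".") if l)

def at_or_below(n, a):
    """True if label tuple n equals a or is a descendant of a."""
    return len(n) >= len(a) and n[len(n) - len(a):] == a

def classify(apex, rrsets):
    """Map each (owner, type) in the parent zone to its signing status."""
    apex_l = labels(apex)
    # A zone cut is any non-apex owner name that has an NS RRset.
    cuts = [labels(o) for o, t in rrsets if t == "NS" and labels(o) != apex_l]
    result = {}
    for owner, rtype in rrsets:
        own = labels(owner)
        # Use the topmost enclosing cut: everything under it is non-authoritative.
        cut = min((c for c in cuts if at_or_below(own, c)), key=len, default=None)
        if cut is None:
            status = "signed (authoritative)"
        elif own == cut and rtype in ("DS", "NSEC"):
            status = "signed (authoritative in parent)"
        elif own == cut and rtype == "NS":
            status = "unsigned (delegation NS)"
        elif own != cut and rtype in ("A", "AAAA"):
            status = "unsigned (glue)"
        else:
            status = "unsigned (occluded)"
        result[(owner, rtype)] = status
    return result

# Constructed parent zone "example." delegating "child.example."
ZONE = [
    ("example.", "SOA"), ("example.", "NS"), ("example.", "DNSKEY"),
    ("ns.example.", "A"),
    ("www.example.", "A"),
    ("child.example.", "NS"),
    ("child.example.", "DS"),
    ("ns1.child.example.", "A"),   # glue for the child's in-zone name server
]

if __name__ == "__main__":
    for (owner, rtype), status in classify("example.", ZONE).items():
        print(f"{owner:22} {rtype:7} {status}")
```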