ietf-mailsig

Re: In response to Housley-mass-sec-review

2005-03-08 12:24:55

On Tue, 2005-03-08 at 09:35 -0800, Mark Baugher wrote:
I'm speculating, and the following opinion is an entirely personal one:
Once we get beyond anti-forgery, the DNS does not seem to me to be a
good place for any sort of reputation service.  A domain might have a
very good reputation for some applications and a very bad reputation
for others, for example.

The requirements aren't the same either. For anti-forgery a la
IIM and DK, you need to have a pervasive service where the parties
aren't necessarily acquainted with each other. Here the bar is already
set lower because you may not know anything about the other side sending
you mail. Reputation almost definitionally requires that the subscriber
have a relationship with the provider -- how else could you
possibly trust the results otherwise?

For this reason, I think that the security bar -- if nothing
else -- needs to at least have the ability to be set higher. If
I'm getting reputation that I'm going to make some pretty serious
decisions with, it would be a lot safer if there was some source
authentication to go along with it. Which doesn't disqualify
DNS, but it does imply that, if it is used, DNSSEC ought to be used
by the reputation providers. I just don't see how we can equivocate
about this. That said, I'm not convinced that DNS is really the
right choice.

                Mike
