ietf-openpgp

Re: [openpgp] OpenPGP private certification

2015-04-08 13:29:21
On Wed, Apr 8, 2015 at 2:05 PM, Christoph Anton Mitterer
<calestyo(_at_)scientia(_dot_)net> wrote:
On Wed, 2015-04-08 at 10:15 -0400, Phillip Hallam-Baker wrote:
Personally, I believe that owning your personal DNS name is as
important for security as having a keypair.
Why should it give you any security?

Same reason that backing up your files is the number one security
priority: security means being able to assess and control risks to
your assets. Confidentiality is only one concern and one that is
fairly low down. Integrity is almost always more important.

If I invest in hallam(_at_)gmail(_dot_)com then I am making myself vulnerable to
a change of policy. I have little choice but to pay if they decide to
start charging $50/month.

I have a huge part of my brand invested in hallam(_at_)gmail(_dot_)com
which I don't own. Which is why I switched to
phill(_at_)hallambaker(_dot_)com for ietf work. But I have yet to win
that argument.
It only gives you that some company cannot easily take away your mail
address, but OTOH it's probably an illusion to believe that your own
domain name protects you much more from this.

See cases like the German person called "Shell", who had shell.de and
guess who has it now.

Which is one reason I don't trust ICANN's vision of DNSSEC.

But still, security is risk control and not risk elimination -
something I have been saying for over 20 years now.


I really don't like having ICANN as my root CA either. DNSSEC is a
monolithic, single rooted scheme which I don't consider very
trustworthy because of that.
Sure, it has similar problems like the X.509 PKI, just on a less extreme
scale.

It trades one set of problems for another.

But no one should try to impose a strict hierarchical trust model on
OpenPGP anyway. So I don't think it's a particularly good idea to
somehow combine OpenPGP with DNS/DNSSEC/DANE.

I think there are ways to combine PGP ideas with DNS and DNSSEC in a
useful manner, DANE is not one of them.

The approach I have been using most recently is an extension of the
.onion idea. But instead of making a key fingerprint a subdomain, I
make it the root.


So example.com.<fingerprint> becomes an assertion 'the names in
example.com as controlled by a valid, current security policy signed
by a key matching <fingerprint>'.

Now that is an approach I can tie servers to in admin files.

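An added example, not part of the original message and not the author's code: a check that the key which signed a policy matches the fingerprint used as the root label of a name such as example.com.<fingerprint>. The message does not say which fingerprint format the scheme uses; this sketch assumes the 40-hex-digit OpenPGP v4 fingerprint (RFC 4880, section 12.2), and the function names and sample key bytes are constructed for illustration. Verifying the policy signature itself is left to an OpenPGP library and is not shown.

```python
import hashlib


def v4_fingerprint(key_packet_body: bytes) -> str:
    """OpenPGP v4 fingerprint: SHA-1 over 0x99, 2-byte length, key packet body."""
    prefix = b"\x99" + len(key_packet_body).to_bytes(2, "big")
    return hashlib.sha1(prefix + key_packet_body).hexdigest()


def split_pinned_name(name: str) -> tuple[str, str]:
    """Split 'example.com.<fingerprint>' into (dns_name, fingerprint).

    The fingerprint is the rightmost (root) label, as in the message above.
    """
    dns_name, sep, root = name.rstrip(".").lower().rpartition(".")
    if not sep or not dns_name:
        raise ValueError("name has no fingerprint root label")
    if len(root) != 40 or any(c not in "0123456789abcdef" for c in root):
        raise ValueError("root label is not a 40-hex-digit fingerprint")
    return dns_name, root


def key_matches_name(name: str, signer_key_body: bytes) -> bool:
    """True only if the policy-signing key hashes to the name's root label."""
    _, pinned = split_pinned_name(name)
    return pinned == v4_fingerprint(signer_key_body)


# Constructed sample data: these byte strings are not real keys.
SAMPLE_KEY = b"\x04" + bytes(4) + b"\x01" + b"constructed-key-material"
OTHER_KEY = b"\x04" + bytes(4) + b"\x01" + b"a-different-constructed-key"
SAMPLE_NAME = "example.com." + v4_fingerprint(SAMPLE_KEY)

if __name__ == "__main__":
    print(SAMPLE_NAME)
    print("pinned key accepted:", key_matches_name(SAMPLE_NAME, SAMPLE_KEY))
    print("other key accepted: ", key_matches_name(SAMPLE_NAME, OTHER_KEY))
```

A name pinned this way in an admin file stays bound to one key regardless of what the DNS hierarchy later says about example.com; a policy signed by any other key fails the check.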