Re: Global PKI on DNS?

At 1:43 PM -0400 6/13/02, Keith Moore wrote:

 > A PKI modeled on the DNS would parallel

 the existing hierarchy and merely codify the relationships expressed
 by it in the form of public key certs.


so what you're saying is that the cert would mean something like:

"we certify that this key was supplied by a party who gave us money
in exchange for our assigning domain name x.y to it.  we have no
idea who that party really is, whether it is trustworthy, and
in particular whether that party can be trusted to manage its keys
in such a way as to make compromise unlikely.  for that matter,
we're not even entirely sure whether the party that gave us money
for this domain last time it was renewed was the same as the party
that gave us money for the domain in the past.  for that matter,
we didn't get the money directly from that party, we got it from
a registrar who you may or may not be able to trust either.


you're putting words in my mouth, and they're not especially good words :-).

and for that matter, you have no idea whether we are trustworthy.
we could be making all of this up, and in fact we're so large and
control the trust relationships to so many domains that there is
a fair amount of incentive for us to do exactly that under some
conditions, but we won't tell you want those are  but you should
trust us anyway, because we said so"

Why does everyone keep thinking that explicit trust is an essentialelement of every PKI?

A CA that attests to the accurate binding of a DNS name to an entityis making NO assertions about the trustworthiness of that entity! Itis just asserting that the private key corresponding to the publickey in the cert is held by the entity, period. Whether that entitydoes a good job of protecting the private key is not known to the CA(that's generally true in ANY PKI anyway).

A modest, realistic ambition for a DNS-based PKI would be to improvethe security of the binding between DNS entries and the associatedmachines. That would help with the deployment of all major securityprotocols that use certs: TLS/SSL, S/MIME, and IPsec. It would enableorganizations to more readily create extranets and intranets usingthese security protocols. Note that, with the possible exception ofS/MIME, the other protocols do not support non-repudiation, and sosome of the stickier legal issues associated with the use of certs donot necessarily arise. Even for S/MIME, one can distinguish betweenmessages signed for authentication vs. for NR purposes.



Steve

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Global PKI on DNS?, (continued) Re: Global PKI on DNS?, Alex Audu Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Einar Stefferud Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Einar Stefferud Re: Global PKI on DNS?, Chris Evans Re: Global PKI on DNS?, Alex Audu Re: Global PKI on DNS?, Stephen Kent a nit, Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Stephen Kent <= Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Harald Koch Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Keith Moore Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Ed Gerck Re: Global PKI on DNS?, Stephen Kent Re: Global PKI on DNS?, Ed Gerck