In message
<4A285750(_dot_)9010104(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp>,
Masataka Ohta writes:
Andrew Sullivan wrote:
Though we have to trust the zone administration put correct referral
and glue data in a master zone file, unless we use DNSSEC, we don't
have to trust the zone administration never issue certificates over
forged keys of child zones.
If an attacker can get its bogus data into the referring zone,
I never said such a thing.
I said "issue certificates over forged keys of child zones".
The attack is possible by those who have access to signature
generation mechanisms and the attack is not visible until the
false certificates are used later.
People introduced DNSSEC believing DNSSEC makes cache poisoning
not a problem, are ready to accept false certificates through
unprotected cache.
Thus, we must, anyway, protect cache.
Then, where is the point to introduce DNSSEC only to have another
possibility of security holes?
We still lock doors and windows despite the possiblity of people
breaking in by lifting tiles. Attacks at the registry level are the
equivalient of lifting tiles. It happens sometimes. Locking the
doors and windows stops most attacks however.
Masataka Ohta
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka(_at_)isc(_dot_)org
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf