
Re: [Asrg] DNSSEC is NOT secure end to end

2009-06-08 19:55:46
David Wilson wrote:

According to the terminology of David Clark, PKI including DNSSEC
is not secure end to end.

DNSSEC provides two things. Firstly, it provides the means to digitally
sign RRsets. This provides data origin authentication and data
integrity.

The provision is through hops of certificate authorities, which
is what is discussed in the latter paper of David Clark published in
2001. Read it.

As this operates at the DNS application layer, this is
clearly "end to end" within David Clark's terminology. It does not rely
on any security services in the lower communication layers (in the way
that, for instance, relying on TCP would).

If you read the paper, you can find the lower layer of PKI consists
of communication with or between certificate authorities.

Compromising a certificate authority in the lower communication
layer breaks the security of data origin authentication and data
integrity.

This origin authentication and integrity is precisely what is required
to avoid the DNS cache poisoning which is the kind of vulnerability
which prompted this discussion.

As has been discussed in the thread, DNSSEC is NOT a protection
against cache poisoning, because caches poisoned with a forged
certificate break the security.

This aspect of DNSSEC does not require the use of any PKI.

Read the 2001 paper on why PKI is not end to end and why DNSSEC is no
exception. The paper explains why scale breaks the end to end
property.

I get the impression from you that DNSSEC is to be disregarded because
it is not "end to end".

Being "end to end" has practical advantages.

See above on how useless DNSSEC is to avoid cache poisoning, which
was the motivation to deploy it.

                                                Masataka Ohta

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg