
Re: DNSSEC is NOT secure end to end

2009-06-09 13:32:05
Masataka-san

Please learn to express your opinions in a manner that is appropriate
to a professional forum rather than a bar room brawl.

You are entitled to your opinion but not to converse in the abusive
and insulting manner you have chosen to use if you wish to receive a
reply.

The link you gave was to a paywalled version of the paper. I did not
bother to read the authors once I discovered it was paywalled.


On Mon, Jun 8, 2009 at 1:22 AM, Masataka Ohta <mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp> wrote:
Phillip Hallam-Baker wrote:

I was at a dinner with Dave Clark last week. Those who invoke his
name in these arguments rarely seem to have read his paper on the end
to end principle IN NETWORKING.

Which paper is, are you saying, "his paper"? The original one or
later one (published in 2001) which includes discussion on PKI,
which I referred to in previous mails.

As you say "IN NETWORKING", I'm afraid you haven't read his original
paper "END-TO-END ARGUMENTS IN SYSTEM DESIGN", which is on "system
design" in general and not necessarily "in networking". For example,
in the original paper, RISC (Reduced Instruction Set Computer) is
given as an example of end to end design.

Depending on your level of abstraction you choose to work at you can
argue that anything is an end.

Apparently, he taught you basic points in his original paper
but not beyond.

It is discussed in the original paper that:

       Identifying the ends
       Using the end-to-end argument sometimes requires subtlety
       of analysis of application requirements.
       one must use some care to identify the end points to which
       the argument should be applied.

Beyond the original paper, the application of the end to end
argument to PKI including DNSSEC is discussed in his later
paper in 2001 with PROPERLY IDENTIFIED "end points". In the
paper, certificate authorities are identified to be third
parties.

With the discussion, there is no point denying "DNSSEC is NOT
secure end to end".

It would be nice if the paper was available in unencumbered form.

Both of the papers are freely downloadable.

The original paper:

http://web.mit.edu/Saltzer/www/publications/endtoend/endtoend.pdf

The paper in 2001:

http://www.csd.uoc.gr/~hy558/papers/Rethinking_2001.pdf

You should have read both of them to make the dinner more valuable.

Publication in ACM does not help anything but the author's academic
career.

I gave a link to the paper in 2001 through ACM because it has DOI,
assuming that anyone can use search engines and that all the people
who talk about the end to end principle should have read the
original paper in advance.

                                               Masataka Ohta





-- 
-- 
New Website: http://hallambaker.com/
View Quantum of Stupid podcasts, Tuesday and Thursday each week,
http://quantumofstupid.com/
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf