
Re: draft-iab-dns-applications - clarification re: Send-N

2010-10-20 21:06:33
Exactly,

The pre-DNSSEC application architecture for DNS is now obsolete.

We have at this point only developed a technical infrastructure for securing
DNS responses. Developing the application architecture to leverage that
opportunity still lies ahead of us.

But even in the new world of DNSSEC with end-to-end authentication, the
resolver plays a role that requires trust and thus should be chosen and
trusted.


On Wed, Oct 20, 2010 at 9:55 PM, Mark Andrews <marka(_at_)isc(_dot_)org> wrote:

> In message <201010210114(_dot_)o9L1E0MH004556(_at_)fs4113(_dot_)wdf(_dot_)sap(_dot_)corp>, Martin Rex writes:
> > Phillip Hallam-Baker wrote:
> >
> > > The weakest DNS architectural idea is the notion that DNS resolvers are
> > > untrusted. This is simply wrong. Every DNS resolver performs a trusted
> > > role.
> >
> > Nope, just the opposite.  Name to address translation is meant to
> > be an extremely lightweight and fast service.
>
> The DNS is not just name to address translation.
>
> > Hostnames are NOT supposed to be trusted in any way and it is a serious
> > misconception to think they're trusted.
> >
> > If you want to authenticate your peer, use something like an SSH host
> > key.
>
> And how do you know you should trust the host key the remote machine
> presents?
>
> > The routing of datagrams on the internet is also untrusted, so any notion
> > that a service that translates hostnames into IP-Addresses should be
> > trusted is fatally flawed and is totally ignorant about the fundamental
> > architecture of the internet.
> >
> > -Martin
> > _______________________________________________
> > Ietf mailing list
> > Ietf(_at_)ietf(_dot_)org
> > https://www.ietf.org/mailman/listinfo/ietf
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka(_at_)isc(_dot_)org




-- 
Website: http://hallambaker.com/
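As an added illustration of the trust relationship the message above describes, and not code from anyone in this thread: a validating recursive resolver signals "this answer passed DNSSEC validation" to its stub clients only by setting the AD bit in the response header, so a stub that acts on AD is necessarily trusting both the resolver and the path to it. The constructed header bytes and the `resolver_trusted` flag below are assumptions made for this example.

```python
import struct
from dataclasses import dataclass

# Constructed 12-byte DNS response headers (RFC 1035 s4.1.1 layout; AD/CD
# bits per RFC 4035). No real resolver or name is involved.
# Flags 0x81A0 = QR | RD | RA | AD, RCODE 0: resolver claims validation.
SAMPLE_VALIDATED = struct.pack("!HHHHHH", 0x1234, 0x81A0, 1, 1, 0, 0)
# Flags 0x8180 = QR | RD | RA, AD clear: answer returned but not validated.
SAMPLE_UNVALIDATED = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)


@dataclass
class Header:
    ident: int
    qr: bool      # response (1) vs query (0)
    rd: bool      # recursion desired
    ra: bool      # recursion available
    ad: bool      # Authenticated Data: set only by a validating resolver
    cd: bool      # Checking Disabled: client asked the resolver not to validate
    rcode: int


def parse_header(msg: bytes) -> Header:
    """Decode the fixed DNS header; raises on a truncated message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    ident, flags = struct.unpack("!HH", msg[:4])
    return Header(
        ident=ident,
        qr=bool(flags & 0x8000),
        rd=bool(flags & 0x0100),
        ra=bool(flags & 0x0080),
        ad=bool(flags & 0x0020),
        cd=bool(flags & 0x0010),
        rcode=flags & 0x000F,
    )


def answer_is_authenticated(msg: bytes, resolver_trusted: bool) -> bool:
    """Stub-side policy: treat the data as DNSSEC-validated only if the
    resolver set AD *and* the stub has a configured reason to trust that
    resolver and its transport. AD received from an untrusted resolver or
    over an unauthenticated path is just a bit in a cleartext packet."""
    h = parse_header(msg)
    return h.qr and h.ad and not h.cd and h.rcode == 0 and resolver_trusted
```

A stub that validates DNSSEC itself does not need this trust for integrity, but it still depends on the resolver for availability and for not lying about non-existence until the chain of trust is checked locally.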