ietf

Re: https at ietf.org

2013-11-25 17:22:28
On Nov 25, 2013, at 10:06 AM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:
>>> Is the DNSSEC root key secure against National Security Letters?
>> What does that mean?  Exactly what threat are you imagining an NSL would be
>> used to hide?
> Hijack someone's DNS traffic, provide a chain of fake servers pointing
> to a fake mail or web host, all with valid DNSSEC.

As I'm sure you're aware, for this attack to work, not only would the US 
government need to compromise the root KSK HSMs and a rather Byzantine set of 
safeguards, they would also presumably need to do so in a way that would reduce 
the likelihood that the compromised elements would be noticed.  Since the data 
is public, this might be a bit tricky -- forcing the attack to occur as close 
to the target as possible to minimize the chances some non-target would notice 
(which, if it were noticed, would likely result in the absolute worst possible 
case in DNSSEC-land, the need to do an emergency roll of the root KSK in every 
resolver on the planet: something we still don't know how to do). Since the 
attack would already be down near the validating resolver, I suspect it would 
be _far_ easier and infinitely less risky to compromise that validating 
resolver (particularly if that resolver is operated by a third party, like it 
is for the vast majority of folks -- something I've long felt is fundamentally 
broken).

> I guess that we need to ask the same question about TLDs that are
> hosted in the United States.

I would be surprised if only the US has NSLs.

> That would mostly mean Verisign, Afilias and PIR, and Neustar.

ICANN went to significant lengths to make everything done with the KSK 
extremely well documented and as public as humanly possible. I personally don't 
know what those organizations do (mostly because I haven't looked) but would be 
surprised if the level of disclosure is close to what ICANN has done.  As such 
I feel Joe's response to Ted:

> Sounds like a good question to ask ICANN.

was wrong. Professional Operational Security folk should review the root KSK 
DPS (https://www.iana.org/dnssec/icann-dps.txt) and identify any weaknesses, 
including any vulnerabilities to NSL-like attacks so those weaknesses can be 
remedied. Simply waving "NSL" around like a magic wand is unhelpful.

Regards,
-drc
