ietf

Re: https at ietf.org

2013-11-25 20:45:51
Randy,

On Nov 25, 2013, at 6:06 PM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:
> seems to me that if the amazingly elaborate ceremonies around the root
> key do not include m of n needed to open the bottle, with the m and n
> distributed among multiple national jurisdictions, it is merely security
> theater.

And is it security theater if the "multiple national jurisdictions" only 
include the 5 Eyes? 

ICANN and Verisign, in a very public manner, tried (given constraints they were 
placed under) to ensure that opening the bottle was exceedingly public and 
documented so it didn't matter who actually did it.  Back during the Root 
Signing Road Show, input was requested many, many times in many, many venues 
(IETF included).

My point is that trotting NSLs out like a bogeyman is not helpful. Identify 
possible _realistic_ attacks and the vulnerabilities that those attacks can 
leverage. The Root KSK DPS is a public document, written under a set of 
assumptions and constraints that may no longer hold, and is undoubtedly far from 
perfect. I am not arguing that the question Ted asks isn't valid, I'm saying 
"send text".

Regards,
-drc

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail
