
Re: https at ietf.org

2013-11-30 13:09:08
On Mon, Nov 25, 2013 at 6:22 PM, David Conrad <drc(_at_)virtualized(_dot_)org> wrote:

On Nov 25, 2013, at 10:06 AM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:
Is the DNSSEC root key secure against National Security Letters?
What does that mean?  Exactly what threat are you imagining an NSL
would be used to hide?
Hijack someone's DNS traffic, provide a chain of fake servers pointing
to a fake mail or web host, all with valid DNSSEC.

As I'm sure you're aware, for this attack to work, not only would the US
government need to compromise the root KSK HSMs and a rather Byzantine set
of safeguards, they would also presumably need to do so in a way that would
reduce the likelihood that the compromised elements would be noticed.


You clearly do not understand the nature of those controls. They are
designed to prevent an individual being in sole control of a key and
defecting or being coerced. They are not designed to prevent government
coercion. Separation of duties does not provide an effective control
against government coercion because the government can coerce multiple
parties as easily as one.

The CA-based PKI has a similar issue which is why there is interest in
Certificate Transparency. The CA-based PKI was designed to protect
commercial assets against criminal attackers. Preventing government
coercion was not considered. The root key management process is identical
in all significant respects to the VeriSign Class 3 root management
process.

If we are positing the failure of those controls in one case then we should
posit the same attack in the other. Unfortunately the argument that is made
is a highly partisan one which seizes on any possible hole in the CA scheme
as damning but ignores the exact same issues in the DANE/DNSSEC scheme.

At least in the CA trust scheme there is a choice of trust providers. If
ICANN were to turn DigiNotar it is the only option; it is not only 'too big
to fail', it is the only possible provider.



-- 
Website: http://hallambaker.com/