Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call

Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>)

2014-08-07 12:58:09

The reason TRANS does not currently appear to be relevant to the
DNSSEC advocates is that they are simplifying the PKI problem to
exclude consideration of the entire class of attacks that TRANS is
designed to control.

In the real world, excluding consideration of a problem does not make
it go away. So TRANS is very useful and relevant to DNSSEC.

<Prev in Thread]	Current Thread	[Next in Thread>
[saag]: DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Viktor Dukhovni Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Nico Williams Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Tony Finch Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Phillip Hallam-Baker <= Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Paul Wouters Re: [saag] : DNSSEC PKI semantics and risks (was tangentially: Last Call: <draft-dukhovni-opportunistic-security-01.txt>), Phillip Hallam-Baker