On Thu, Apr 05, 2007 at 05:30:53PM -0700, Paul Hoffman wrote: > At 7:54 PM -0400 4/5/07, Thor Lancelot Simon wrote: > > > >You're missing the point. The root just signs itself a new .net key, > >and then uses that to sign a new furble.net key, and so forth. No > >unusual key use is required. > > And you seem to be missing my point. If the root signs itself a new > .net key, it will be completely visible to the entire community using > DNSSEC. The benefit of doing so in order to forge the key for > furble.net (or microsoft.com) will be short-lived, as will the > benefit of owning the root key.
You assume the new .net key (and what's signed with it) would be supplied to all users of the DNS, rather than used for a targeted attack on one user (or a small number of users). Why assume the potential adversary will restrict himself to the dumbest possible way to use the new tools you're about to hand him? Do you really think that the administrator of the _average_ DNS client would notice that a new key for .net showed up? It's trivial to inject forged UDP packets, after all, so it is hardly the case that one has to give the new forged key chain to every DNS server along the way in order to run a nasty MITM attack on a client. Thor --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]