It appears that Paul Hoffman <[email protected]> said:
>Again, this discussion would be a lot easier if you described the threat model
>and showed that the model applies to
>all users of this specification. I suspect the reason you haven't is because
>there are plenty of users who don't
>meet the implied model.

This draft is increasingly reminding me of the old joke about a ten ton steel door on a cardboard box. While I realize there is at least one high value application, signing SSL certificates, most of them are much, much less valuable and need correspondingly less security.

You also need to keep in mind in the threat model how easy it is to attack. Your bank card probably has a four digit PIN because it is hard to make repeated guesses at an ATM so four digits, about 10 bits, is enough. Similarly, I would think that if you were rotating through DNS strings, trying one every five seconds is about the fastest you can do, and of course any sensible target would notice the attack and shut it down.

Look at the ridiculous set of TXT records at stanford.edu and you'll find 75 validation records with widely varying strings. One, from a mailing company, has five base 36 characters, which is 180 bits. I know people at that company, they're not stupid, that's plenty for their application, checking that a customer uses the domain they say they do.

This draft desperately needs a threat model, so it can give reasonable advice on what sort of token is appropriate for various applications.

R's,
John
