>I ask that you please put aside your preconceived ideas and read the
>cga-tsig document with an open mind before you judge it. The document
>addresses the problem with the use of TSIG and SIG and introduces a new,
>combined method which can protect nodes against several types of attack.
>Karl asked how the node receives the IP address of the DNS as it can be the
>first point of a MITM attack. I just explained that this is not possible, as
>earlier explained, the node can retrieve this IP address in a safe manner
>during a first time retrieval.
This is called Trust On First Use (TOFU).
If the MITM attacker is already in play before the "first time retrieval" then
the node is not talking to the DNS resolver he thinks he is. He is talking to
MITM instead, who can forge certificates and spoof IP addresses. Just knowing
the IP address of the resolver you trust is not enough to protect against MITM.
>This has nothing to do with CGA-TSIG as it assumes that the node already
>learned the IP address of the DNS server in a safe way. This document only
>explains a new method for secure authentication during different scenarios.
The problem is that you have not demonstrated a "safe way" to authenticate the
DNS resolver connection.
_______________________________________________
perpass mailing list
https://www.ietf.org/mailman/listinfo/perpass
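The TOFU failure mode the reply describes, modelled as a small Python simulation. This is an added example, not code from the thread or from the cga-tsig draft; the resolver IP, key bytes and names are constructed, and the "network" is just a dictionary that says who answers at an address. The model pins a key fingerprint rather than an IP, since that is the only thing a node could meaningfully pin, and it runs both orderings: MITM inserted after the first retrieval, and MITM already in place before it.

```python
"""Toy model of Trust On First Use (TOFU) pinning of a DNS resolver identity.

Constructed example: IPs, names and key bytes below are made up. A MITM is
modelled by rebinding the resolver's IP to the attacker's endpoint.
"""
import hashlib
from dataclasses import dataclass

RESOLVER_IP = "192.0.2.53"  # constructed, documentation address range


@dataclass(frozen=True)
class Endpoint:
    """Whoever actually answers at an IP: the genuine resolver or a MITM."""
    name: str
    pubkey: bytes  # constructed stand-in for a long-term public key

    def fingerprint(self) -> str:
        # The value a client can pin: a hash of the peer's public key.
        return hashlib.sha256(self.pubkey).hexdigest()


GENUINE = Endpoint("genuine resolver", b"constructed-genuine-resolver-key")
MITM = Endpoint("mitm", b"constructed-attacker-key")


class Network:
    """Maps an IP to the endpoint that answers there."""

    def __init__(self):
        self.routes = {RESOLVER_IP: GENUINE}

    def insert_mitm(self):
        self.routes[RESOLVER_IP] = MITM  # attacker now answers for that IP

    def remove_mitm(self):
        self.routes[RESOLVER_IP] = GENUINE

    def connect(self, ip: str) -> Endpoint:
        return self.routes[ip]


class TofuClient:
    """Node that pins the fingerprint seen on first contact and afterwards
    rejects any peer at that IP whose fingerprint differs."""

    def __init__(self):
        self.pins = {}  # ip -> pinned fingerprint

    def first_contact(self, net: Network, ip: str) -> Endpoint:
        peer = net.connect(ip)
        self.pins[ip] = peer.fingerprint()
        return peer

    def check(self, net: Network, ip: str) -> bool:
        # True means "the peer matches what I trusted on first use"; it does
        # NOT mean the peer is the genuine resolver.
        return net.connect(ip).fingerprint() == self.pins[ip]

    def check_out_of_band(self, ip: str, expected_fingerprint: str) -> bool:
        # Only an independently obtained fingerprint (configuration, another
        # channel) can tell whether the pin itself is the genuine one.
        return self.pins[ip] == expected_fingerprint


def run_scenario(mitm_before_first_use: bool) -> dict:
    """Run TOFU with the attacker arriving before or after the first retrieval."""
    net = Network()
    client = TofuClient()
    if mitm_before_first_use:
        net.insert_mitm()
    first_peer = client.first_contact(net, RESOLVER_IP)

    net.insert_mitm()                      # attacker present on later queries
    mitm_accepted = client.check(net, RESOLVER_IP)
    net.remove_mitm()                      # genuine resolver answers again
    genuine_accepted = client.check(net, RESOLVER_IP)

    return {
        "pinned_genuine": first_peer is GENUINE,
        "mitm_accepted_later": mitm_accepted,
        "genuine_accepted_later": genuine_accepted,
        # What an out-of-band check of the pin would say about this client.
        "pin_matches_real_resolver": client.check_out_of_band(
            RESOLVER_IP, GENUINE.fingerprint()),
    }


if __name__ == "__main__":
    for before in (False, True):
        print("MITM before first use:", before, run_scenario(before))
```

With the attacker arriving after the first retrieval, the pin catches it. With the attacker already in place, the node pins the attacker's key: every later check against the MITM passes, and the genuine resolver is the one that gets rejected. The only thing that distinguishes the two cases is the out-of-band comparison, which is exactly the "safe way" the reply says has not been demonstrated.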