On Dec 5, 2013, at 5:09 AM, Matthäus Wander <[email protected]> wrote:
> * Nicholas Weaver [2013-12-02 17:56]:
>> Actually spoofing DNSSEC replies even with knowledge of the root key is
>> going to be difficult...
>
> If we assume the attacker can get the private root KSK from an US-based
> corp, then we should also assume they can get the private root ZSK from
> another US-based corp. As the owner of the root ZSK also owns the keys
> for .com, the attack becomes much easier.
If we (as the IETF) make an assumption that the DNSSEC private key(s) are
"available" to some "unauthorized entity" (govt or otherwise) because a
significant part of a particular operation is located in a particular
geographic region then we need to also make a similar assumption for any/all
Certification Authorities' root private key(s) since the underlying
cryptographic technology widely used by TLS is basically the same. The
DigiNotar attack, though not geographically related, clearly illustrates that
very bad things can happen when an "unauthorized entity" is able to have access
to and use of root private keys for a CA.
I've seen some references on this list saying (essentially) that it is a valid
assumption that an "attacker" ("unauthorized entity" might be a better term)
can get or already has the DNS root (& maybe .com) private key. Although I do
not believe that this is a valid assumption, I do assert that if we (as the
IETF) decide to make such an assumption relative to DNS/DNSSEC then we must
make the same assumptions about "unauthorized entities" being able to access
private root key(s) for any/all CAs. I'm not sure how the IETF would somehow
factor geopolitical boundaries into defining protocol assumptions, I suspect
that any useful results would probably take longer than it's taken to design,
redesign, redesign and begin deployment of DNSSEC :-).
OTOH, if there is real interest and need to change and/or enhance the security
operations &/or protocols for the DNS or CA realms, having concrete proposals
(such as draft-grothoff-iesg-special-use-p2p-names-00.txt) is much more useful
than trying to reach agreement on assumptions like the above (& other earlier
email assertions).
Russ
>
> Regards,
> Matt
>
> --
> Universität Duisburg-Essen
> Verteilte Systeme
> Bismarckstr. 90 / BC 316
> 47057 Duisburg
>
> _______________________________________________
> perpass mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/perpass
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
