On Thu, Dec 5, 2013 at 10:35 AM, Russ Mundy <[email protected]> wrote:
> On Dec 5, 2013, at 5:09 AM, Matthäus Wander <[email protected]> wrote:
>
> > * Nicholas Weaver [2013-12-02 17:56]:
> >> Actually spoofing DNSSEC replies even with knowledge of the root key is
> >> going to be difficult...
> >
> > If we assume the attacker can get the private root KSK from a US-based
> > corp, then we should also assume they can get the private root ZSK from
> > another US-based corp. As the owner of the root ZSK also owns the keys
> > for .com, the attack becomes much easier.
>
> If we (as the IETF) make an assumption that the DNSSEC private key(s) are
> "available" to some "unauthorized entity" (govt or otherwise) because a
> significant part of a particular operation is located in a particular
> geographic region then we need to also make a similar assumption for
> any/all Certification Authorities' root private key(s) since the underlying
> cryptographic technology widely used by TLS is basically the same. The
> DigiNotar attack, though not geographically related, clearly illustrates
> that very bad things can happen when an "unauthorized entity" is able to
> have access to and use of root private keys for a CA.

I agree with respect to covert attacks. Yes, there is a risk in both cases and the right control is to establish a very high probability of detection so that it becomes an overt attack.

What is unique in the case of the DNSSEC is that there is only one root and thus a government can perform a denial of service attack against TLDs. For example, asserting that signing the Cuba or Palestine roots would breach existing sanctions legislation or passing new legislation.

And such scenarios do not seem at all far-fetched to me having watched the government shutdown.

--
Website: http://hallambaker.com/
