Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
the fact that masataka's proposal seemed qualitatively better to me eleven years ago is moot. the reason dnssec isn't deployed yet has nothing to do with any such qualitative differences. we are where we are, and what we've got to do now is deploy what we've got now. the dnssec spec at present may be ugly but it is practicable, and there's a large body of expertise and running code and commercial products and interoperability testing behind it. while i didn't enjoy watching masataka's proposal railroaded into the ditch and while it would have taken less time to get masataka's dnssec proposal deployable than it has taken to get to what we've got now, the silver lining for me was that i learned how to railroad my own proposals through IETF using the techniques i learned. RFC 2136, RFC 2671, and RFC 2845 all exist only because of the dirty tricks i learned by watching masataka's mistreatment. (had i known at the outset how IETF worked, i would have worked to prevent that mistreatment, but i was a n00b.) -- Paul Vixie -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
On Sat, 9 Aug 2008, Paul Wouters wrote: DNSSEC, a cryptographic version of DNS, has been in development since 1993 but is still not operational. It seems that Mr. Bernstein also suffers from the America is the not the world syndrome. ??? Bernstein said that DNSSEC offers a surprisingly low level of security while causing severe problems for DNS reliability and performance. Let's not argue about the subjective suprisingly. But what is this low level of security? Is a fully trusted path 'low level'? If so, what is 'high level'? I think http://cr.yp.to/talks/2004.04.28/slides.pdf might help. We need to stop wasting time on breakable patches, Bernstein said. He called for development of DNSSEC alternatives that quickly and securely reject every forged DNS packet. This statement even goes so far as to suggest DNSSEC is a breakable patch In general, for all those people who claim DNSSEC is not the solution, I have a few questions 1) What is more broken with DNSSEC then on DNS? The question really should be 'What is LESS broken with DNSSEC than with DNS?' Equally broken is bad, too. 'More broken' is clearly a disaster. 'Not broken' is the goal. 2) If DNSSEC is flawed, where is a better alternative? I think there are indeed better alternatives. Bernstein calls for development of alternatives. But to find alternatives, IETF has to stop silencing the people who can figure out solutions, merely because those people oppose the BIND cartel. The BIND cartel gave us the flawed solutions; It did this by silencing the opposition to create a false consensus on their ideas. The cartel continues to exercise control of (at least) IETF DNSEXT and continues to silence its critics, even though its credibility at solving these problems should have been exhausted a long time ago. Silencing the cartel's critics was improper. Without answering those questions, you can't really reject DNSSEC over the alternative of keeping to run DNS as we have so far. Sure you can reject DNSSEC. One broken solution doesn't justify deployment of another broken solution. Time and again we've seen this same pattern: Someone essentially yells Emergency! Lets rush out this (non) solution! No time to think things through!. In almost every case, there is usually no emergency, and the 'solution' is frequently worse than the problem. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
Dean Anderson wrote: 1) What is more broken with DNSSEC then on DNS? DNSSEC is, socially, more dangerous than PODS, because DNSSEC gives users false sense of security. The question really should be 'What is LESS broken with DNSSEC than with DNS?' Equally broken is bad, too. 'More broken' is clearly a disaster. 'Not broken' is the goal. I was enlightened on two things through designing and improving simple secure DNS, which is a PKI-based cryptographically secure DNS consistent with PODS. They are: 1) precise authority model of referral and glue A, which is why I know how to fix cache contamination through glue A 2) Meaninglessness of DNSSEC, or PKI in general, with no better security than PODS Just like the Internet is a network of ISPs and end users, a PKI is a network of CAs and end users. If you can blindly believe in that CAs and end users are secure, you can blindly believe in that ISPs and end users are secure, both of which are, of course, wrong. However, with PKI the former is silently assumed and PKI is claimed to be cryptographically secure, which is the fallacy of PKI. For example, even if you make your signature generation mechanism not accessible online through the Internet, the mechanism must be, to keep the PKI work, accessible through the network of CAs and end users, which means the mechanism is effectively online, where effectively means attacking is equally easy. That is, WG discussion on securing NXDOMAIN has been totally meaningless. For another example, just as a packet with 16 bit ID and 32 bit source address should not be blindly believed, a person with an ID badge with 16 digit ID and issuer's name of your parent CA should not be blindly believed, though both of them are blindly believed so often. To break DNSSEC, a phishing site pretending as your parent CA and requesting you enter your private key is often enough. 2) If DNSSEC is flawed, where is a better alternative? I think there are indeed better alternatives. As I already posted, try to improve implementations to use TCP with random sequence number and random port, which is not more difficult than to improve caching behavior of implementations. Masataka Ohta ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
Dean Anderson wrote: 1) What is more broken with DNSSEC then on DNS? DNSSEC is, socially, more dangerous than PODS, because DNSSEC gives users false sense of security. The question really should be 'What is LESS broken with DNSSEC than with DNS?' Equally broken is bad, too. 'More broken' is clearly a disaster. 'Not broken' is the goal. I was enlightened on two things through designing and improving simple secure DNS, which is a PKI-based cryptographically secure DNS consistent with PODS. They are: 1) precise authority model of referral and glue A, which is why I know how to fix cache contamination through glue A 2) Meaninglessness of DNSSEC, or PKI in general, with no better security than PODS Just like the Internet is a network of ISPs and end users, a PKI is a network of CAs and end users. If you can blindly believe in that CAs and end users are secure, you can blindly believe in that ISPs and end users are secure, both of which are, of course, wrong. However, with PKI the former is silently assumed and PKI is claimed to be cryptographically secure, which is the fallacy of PKI. For example, even if you make your signature generation mechanism not accessible online through the Internet, the mechanism must be, to keep the PKI work, accessible through the network of CAs and end users, which means the mechanism is effectively online, where effectively means attacking is equally easy. You already have to trust your parents to publish your delegating NS RRset. If they don't then you are in trouble. DNSSEC does not change that pre-existing trust relationship which is required for DNS to work. Unless you control all aspects of the communication you end up having to trust someone. The question is who do you trust and is that appropriate for the thing that is being secured. The DNSSEC trust model is in parallel to the trust model of the thing it is securing (DNS). That is, WG discussion on securing NXDOMAIN has been totally meaningless. That really depends on which persons you are attempting to prevent tampering from. For another example, just as a packet with 16 bit ID and 32 bit source address should not be blindly believed, a person with an ID badge with 16 digit ID and issuer's name of your parent CA should not be blindly believed, though both of them are blindly believed so often. To break DNSSEC, a phishing site pretending as your parent CA and requesting you enter your private key is often enough. Which like most things to do with security is a matter of education. 2) If DNSSEC is flawed, where is a better alternative? I think there are indeed better alternatives. As I already posted, try to improve implementations to use TCP with random sequence number and random port, which is not more difficult than to improve caching behavior of implementations. TCP only addresses one of the issues. Masataka Ohta ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
To break DNSSEC, a phishing site pretending as your parent CA and requesting you enter your private key is often enough. Which like most things to do with security is a matter of education. To which I should have added. With DNSSEC you *never* need to disclose you private key. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
Mark Andrews wrote: DNSSEC is, socially, more dangerous than PODS, because DNSSEC gives users false sense of security. You already have to trust your parents to publish your delegating NS RRset. So, technically, DNSSEC is no worse but no better than PODS. That is, WG discussion on securing NXDOMAIN has been totally meaningless. That really depends on which persons you are attempting to prevent tampering from. Social implementations of DNSSEC may be (or, considering its complexity, will always be) vulnerable to tampering from any person. Which like most things to do with security is a matter of education. Quick upgrading of programs with open security holes is another, but a lot easier, matter of education. So, if we are discussing security in the real world, let's never assume that people are automagically educated to treat all the complex aspects of DNSSEC operations properly. As I already posted, try to improve implementations to use TCP with random sequence number and random port, which is not more difficult than to improve caching behavior of implementations. TCP only addresses one of the issues. Let's accept the reality that DNS operation is human and can not be very secure. Masataka Ohta ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
On Aug 11, 2008, at 6:34 PM, Masataka Ohta wrote: DNSSEC is, socially, more dangerous than PODS, because DNSSEC gives users false sense of security. The average user has a false sense of security completely independent of what the underlying protocol is. So what matters is not what sense of security the user has, but what actual security the user has. We can't control what the user thinks or does. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
Ted Lemon wrote: DNSSEC is, socially, more dangerous than PODS, because DNSSEC gives users false sense of security. So what matters is not what sense of security the user has, but what actual security the user has. The false sense of security makes people unconditionary accept DNS result. Worse, they think not only attackers but also victims are responsible for damages. We can't control what the user thinks or does. How can you explain the evidence that many people here think DNSSEC more secure than PODS merely because it is called DNSSEC? Are they less-than-average users? Masataka Ohta ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] Kaminsky on djbdns bugs (fwd)
On Aug 11, 2008, at 8:36 PM, Masataka Ohta wrote: How can you explain the evidence that many people here think DNSSEC more secure than PODS merely because it is called DNSSEC? Are they less-than-average users? No, Ohta-san. It _is_ more secure. Security is relative, not absolute. You could reasonably question whether the delta in security is worth the price we'd pay, but calling people names isn't part of that process. ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
