> > > Clients (lazily perhaps). The public. Domain owners. Registrars.

Certainly possible, but I wonder how much this will happen in a world of thousands of DNSSEC-CT logs existing for various domains. Some of them will inevitably screw up. Will it be front-page news the 10th time that happens due to server outages or administrative screwups? I imagine it will be kind of like using an expired X.509 cert today. People on Hacker News might comment if a top website did it, but it is not an emergency-board-meeting type of situation for that company. With CT for X.509 certs the assumption is that a smaller number of logs are run which are very important and any screwup is a BFD. I don't know if that assumption scales to thousands of DNSSEC-CT logs.

> Remember, com. and . cannot merely MITM foo.bar.com. com. would have
> to MITM bar.com. as well. And . would have to MITM com. too. These
> would be noticeable.

What about a compelled creation attack (or undetected key compromise) where malicious entries are signed by the genuine evil.com key? For example, say evilhosting.com gives me jbonneau.evilhosting.com and I care that they only sign my records for this domain so that nobody can MITM my site. But they secretly agree to give the government of Elbonia a signed record for my domain and then fail to log it properly. They can do this without any compromise or intervention of com, right?
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
