User: Password:
|
|
Subscribe / Log in / New account

On keys and users

On keys and users

Posted Jun 23, 2011 10:48 UTC (Thu) by job (guest, #670)
Parent article: On keys and users

If people would start using DNSSEC, we'd have a pretty solid ground to stand on for the peer-to-peer key distribution required for the projects mentioned above. Instead of proving your identity in these systems (which is a quite difficult social problem at the very least) you could just accept that your domain name is your identity and move on to more interesting things.


(Log in to post comments)

On keys and users

Posted Jun 23, 2011 13:23 UTC (Thu) by ortalo (subscriber, #4654) [Link]

Don't you fear that such solution would be limited in scope to technically-oriented people?
From my point of view, few regular people do know what a DNS entry is, even less have actual control on their own DNS space.

These are not criticisms btw. At least you offer something for some class of users. But is the scope big enough to launch a successful security infrastructure in the open world?

Furthermore, with DNSSEC, some central authority (and its associated procedure) still appears somewhere in the process. Admittedly, this one is probably less centralized and more open than X.509 CAs. But since the beginning, and of course even more in recent times, I've favoured more spontaneous/original approaches, like the PGP web of trust. Maybe this is the case also because it still seems more innovative to me. (A classical centralized and governement-oriented certification process, like for birth registration for example, is still useful, but somehow old fashioned...:-)

Finally, what makes you think proving your identity is such a "quite difficult social problem"?
Proving your identity to everyone in the world, with certainty, at governement-level security (with respect to nationality for example) and for a long time certainly is; but do we really need that everyday? Most of everyday life tasks are accomplished without using an identity card, many are entirely anonymous. On the net, self-signed certificates can be useful too (e.g. I certainly trust more lwn.net's than several much more costly ones, especially for reading your answer).

Why not try to isolate more practical and self-contained problems which necessitate a security solution and try to solve them separately?
BTW, we actually converge on our views if your concern is to secure DNS and use it to improve the (net) access to your own home computers securely. For that, DNSSEC sounds pretty good.

Astonishlingly, sometimes I have the feeling that, in this area of combined computer security and free software, we are as much in search of a problem that can be realistically solved than in search of an ideal technical solution. (And, what's an engineer without a problem to solve... ;-)

Maybe we need to look more closely to clarify the users' needs in this domain. (After all, in this area, users are frequently ignorant or even lying about their needs.)

On keys and users

Posted Jun 25, 2011 17:17 UTC (Sat) by pabs (subscriber, #43278) [Link]

I tend to agree with Moxie Marlinspike about DNSSEC:

http://blog.thoughtcrime.org/ssl-and-the-future-of-authen...

On keys and users

Posted Jun 26, 2011 11:22 UTC (Sun) by job (guest, #670) [Link]

Any crypto is limited in scope to technically-oriented people. Most people host their data with others.

DNSSEC appeals to me because we already have to trust the domain name system. If your domain is deregistered for any reason, your communication fails whether you have secured your domain or not.

The only third party you need to trust is your TLD (which you have to trust anyway, see above). For people under .com I understand your concerns but there are other TLDs and trust is not delegated between them except for the root, and it is impractical to deregister the TLD when a few individual domains is questionable.

The important thing here is that a mischevious registrar can only sabotage domains registered with them, whereas a trusted CA is normally completely trusted to sign anything in the global root. That difference alone is worth it, in my opinion.

That also sums up my criticism against Marlinspike's article. He concludes that DNSSEC is not impervious to attacks, which should be trivially true, but ignores the fact that it is lightyears ahead of what be have today.

What is mean that proving identity is hard is only that as far as I know only governments have succeeded doing in on the large scale required here. That most transactions are anonymous may be true but does not help us when we need to do secure transactions. Private CAs has proven to be a failure so far. Our choices are then between a large intergovernmental CA system (in effect delegating trust along the country TLDs) or to put our trust in DNSSEC. I would prefer the latter.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds