DNSSEC to be strangled at birth.

Thor Lancelot Simon tls at rek.tjls.com
Thu Apr 5 19:54:24 EDT 2007


On Thu, Apr 05, 2007 at 04:49:33PM -0700, Paul Hoffman wrote:
> 
> >because, with it, one can sign the appropriate
> >chain of keys to forge records for any zone one likes.
> 
> If the owner of any key signs below their level, it is immediately 
> visible to anyone doing active checking. The root signing furble.net 
> instead of .net signing furble.net is a complete giveaway to a 
> violation of the hierarchy and an invitation for everyone to call 
> bullshit on the signer. Doing so would completely negate the value of 
> owning the root-signing key.

You're missing the point.  The root just signs itself a new .net key,
and then uses that to sign a new furble.net key, and so forth.  No
unusual key use is required.

It's a hierarchy of trust: if you have the top, you have it all, and
you can forge anything you like, including the keys used to sign the
application key records used to encrypt user data, where they are
present in the system.

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
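The disagreement above hinges on what a validator can and cannot detect. The following Go program is an added illustration, not code from this thread or from any DNSSEC implementation: it models a toy DNSSEC-style chain of trust (root signs the .net key, .net signs the furble.net key) with Ed25519 from Go's standard library and a validator that enforces Hoffman's "active checking" (a signer may only vouch for its immediate child). It then runs the two cases discussed: the root signing furble.net directly, which the hierarchy check rejects, and Simon's case, where the root holder mints a fresh .net key and uses it normally, which validates exactly like the genuine chain. The names, the `Link` structure and the final pinning comparison are assumptions for this example; real DNSKEY/DS records and RRSIG formats are not modelled.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"strings"
)

// Link is one step of a toy DNSSEC-style chain: the zone named Signer
// vouches for the public key of the zone named Child by signing it.
// Constructed for this example; not the real DNSKEY/DS wire format.
type Link struct {
	Signer string            // zone whose key signs this link ("." for root)
	Child  string            // zone whose key is being vouched for
	Key    ed25519.PublicKey // the child's public key
	Sig    []byte            // signature by the signer's private key
}

// parentOf returns the immediate parent zone: "furble.net" -> "net", "net" -> ".".
func parentOf(zone string) string {
	i := strings.Index(zone, ".")
	if i < 0 {
		return "."
	}
	return zone[i+1:]
}

// signingInput binds both names to the key so a signature cannot be
// replayed for a different child zone.
func signingInput(l Link) []byte {
	return []byte(l.Signer + "\x00" + l.Child + "\x00" + string(l.Key))
}

func sign(priv ed25519.PrivateKey, signer, child string, childKey ed25519.PublicKey) Link {
	l := Link{Signer: signer, Child: child, Key: childKey}
	l.Sig = ed25519.Sign(priv, signingInput(l))
	return l
}

// Validate walks the chain from the trust anchor (the root key) to leaf.
// Two checks per link: the signature verifies under the previous link's key,
// and the signer is the child's immediate parent. The second check is the
// "active checking" Hoffman describes: a root key signing furble.net
// directly is a visible hierarchy violation and is rejected.
func Validate(anchor ed25519.PublicKey, chain []Link, leaf string) bool {
	signerKey, signerName := anchor, "."
	for _, l := range chain {
		if l.Signer != signerName || parentOf(l.Child) != signerName {
			return false // level skipped or chain out of order
		}
		if !ed25519.Verify(signerKey, signingInput(l), l.Sig) {
			return false
		}
		signerKey, signerName = l.Key, l.Child
	}
	return signerName == leaf
}

func genKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Result collects the outcome of the three scenarios so they can be checked.
type Result struct {
	Legit, LevelSkip, Substituted, NetKeyChanged bool
}

// RunScenarios builds the genuine chain and the two chains from the thread.
func RunScenarios() Result {
	rootPub, rootPriv := genKey()
	netPub, netPriv := genKey()
	furblePub, _ := genKey()
	forgedPub, _ := genKey() // an attacker-chosen furble.net key (constructed)

	// Genuine chain: root -> net -> furble.net.
	legit := []Link{
		sign(rootPriv, ".", "net", netPub),
		sign(netPriv, "net", "furble.net", furblePub),
	}
	// Hoffman's case: the root signs furble.net directly, skipping .net.
	skip := []Link{sign(rootPriv, ".", "furble.net", forgedPub)}
	// Simon's case: the root holder mints a new .net key and uses it normally.
	fakeNetPub, fakeNetPriv := genKey()
	substituted := []Link{
		sign(rootPriv, ".", "net", fakeNetPub),
		sign(fakeNetPriv, "net", "furble.net", forgedPub),
	}

	return Result{
		Legit:       Validate(rootPub, legit, "furble.net"),
		LevelSkip:   Validate(rootPub, skip, "furble.net"),
		Substituted: Validate(rootPub, substituted, "furble.net"),
		// Only an out-of-band comparison with the previously observed .net key
		// separates the two valid chains (an assumed pinning/monitoring layer,
		// not part of chain validation itself).
		NetKeyChanged: !bytes.Equal(fakeNetPub, netPub),
	}
}

func main() {
	fmt.Printf("%+v\n", RunScenarios())
}
```

The point the program makes concrete: chain validation answers "does this chain lead back to the anchor without skipping a level?", and the substituted chain answers yes. Distinguishing it from the genuine one requires state outside the protocol, such as a record of the .net key previously seen, which is what the last field of `Result` stands in for.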