[Cryptography] Why not the DNS? (was Re: Implementations, attacks on DHTs, Mix Nets?)

Perry E. Metzger perry at piermont.com
Wed Aug 28 08:34:58 EDT 2013


On Tue, 27 Aug 2013 23:39:51 -0400 Jerry Leichter <leichter at lrw.com>
wrote:
> It's not as if this isn't a design we have that we know works:
> DNS.

As I said elsewhere: as a practical matter, almost no one using email
is a DNS administrator. This therefore cannot possibly deploy in
finite time for the average user. If your mailbox is in a domain name
controlled by someone else, you may wait effectively forever for
permission. Indeed, DNSSEC itself has waited forever as a result of
that.

Furthermore, this is unacceptable because the trust model is
unacceptable. If you are a user of Gmail, for example, it implies
that Google is in the trust loop for telling the world
security-critical information, like, for example, your key. Sovereign
threats can order Google to insert different keys at will.

As I've said elsewhere: the DNS is a very architecturally tempting
idea for all of this. I fully understand why people would want to do
it that way. It is not, however, practical if one wants to deploy in
months and not decades, and it makes trust entirely hierarchical.

Perry
-- 
Perry E. Metzger		perry at piermont.com

