[Cryptography] Certificates and PKI

Ben Laurie ben at links.org
Mon Dec 29 08:06:53 EST 2014

On 28 December 2014 at 15:05, Viktor Dukhovni <cryptography at dukhovni.org> wrote:
> On Sat, Dec 27, 2014 at 12:22:21PM -0500, Paul Wouters wrote:
>> >CT for parent domains serving entries in what should be a child
>> >domain is doable I think.
>> As someone told me offline, qname minimalization actually solves this
>> problem.
> This had occured to me, but there are some issues:
>     * With "_<port>._<proto>.mxhost.example.com" one might
>       now need to make 5 queries instead of 3, unless there
>       is way to "tune" minimization.  I am concerned about the
>       impact on latency.
>     * Validating stub resolvers would need to retrieve each
>       of the relevant intermediate nodes, increasing the number of
>       messages sent to the recursive resolver.
>     * This still might not address denial of existence "spam".

Not entirely sure what the issue is here? DNSSEC already has denial of
existence using no more records than already exist in the zone. Not
clear why CT has a problem here?

We've also outlined a system that can efficiently do denial of
existence for CT

>> >I've not been following the "trans" working group, is there a
>> >plausible design for CT for DNSSEC, or do the problems look
>> >intractable?
>> That discussion has started, but the WG first wants to focus on the core
>> documents and complete those before moving into the other areas such as
>> DNSSEC and binary blob transparency.
> Thanks for the update.  Understood.

Not sure we (the WG) are actually shooting for completion before
addressing them, but certainly my team is already fully occupied with
CT for now, so we won't be pushing hard on it yet! But there's no
great reason to wait for CT to be done (particularly since that may
take a while!).

More information about the cryptography mailing list