Re: Quic: the elephant in the room

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Apr 10, 2021 at 12:59:34PM -0700, Michael Thomas wrote:
> Let me ask a pointed question: if we used DANE+DNSSec do we have confidence
> in the security of the solution? I think we'd have to have a lot of
> confidence in both that they are really ready for prime time.

I do, for the reasons I gave.  It can't be worse than WebPKI, that's for
sure.  At least in a pre-post-quantum world.  In a PQ world I suspect
we'd want to have something more akin to a PKI + Needham-Schroeder to
optimize PQ PK.

I think I would prefer a single-root PKIX PKI with name constraints to
DNSSEC/DANE.  Perhaps we can still get that by getting registries/
registrars to operate name-constrained CAs, and replace WebPKI with a
DNS-parallel PKI.  But at this point DNSSEC/DANE seems much more
realistic as a way to get to a single-root name constrained PKI for
domainnames.  Also, DNSSEC can do secure denial of existence while PKIX
cannot because wheras DNSSEC is based on a directory (DNS), x.509/PKIX,
though it was meant to be used with directories (DAP) doesn't really
have a viable global directory scheme (imagine using LDAP as we use
DNS!), and doesn't have a directory that can do secure denial of
existence either.

Nico
-- 




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux