Re: [DNSOP] Practical issues deploying DNSSEC into the home.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



OK lets consider the trust requirements here.

1. We only need to know the current time to an accuracy of 1 hour.

2. The current time is a matter of convention rather than a natural property. It is therefore impossible to determine the time without reference to at least one trusted party.

2a) A trusted party that asserts that the current time is set to a date in the future can perform a denial of service attack on a relying party but one that is easily detected.

2b) It is a simple matter for the trusted party to provide a signed assertion that the current time is after the Date-Time X. The hard part is ensuring that the relying party can access an up to date version of the current time assertion.

2c) DNSSEC already provides an abundance of such assertions. If the signatures on the .com zone are claiming a date in the future then the whole viability of DNSSEC collapses. 

3) A relying party thus requires a demonstration that is secure against a replay attack from one or more trusted parties to be assured that the time assertion presented is current but this need not necessarily be the same as the source of the signed time assertion itself.

4) In the case of DNSSEC the window of vulnerability is actually fairly small since rewinding the time to a date in the past only helps an attacker if they had compromised the system on that date.


The real design decision is who you decide you are going to rely on for (3). TLS is proof against replay attack due to the exchange of nonces. 

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]