On Sep 12, 2013, at 7:24 AM, Theodore Ts'o <tytso@xxxxxxx> wrote:

> It is still a hierarchical model of trust. So at the top, if you
> don't trust Verisign for the .COM domain and PIR for the .ORG domain
> (and for people who are worried about the NSA, both of these are US
> corporations), the whole system falls apart.

It's also a constrained path of trust, and you can actually choose who you trust.

E.g. your application could be constructed to look up both "{data}.dnssec-info-domain.com" and "{data}.dnssec-info-domain.ru". Only if both use the same validated key is the key accepted.

That way, the trust becomes:

1: The root is trusted
2: The registrars for .com and .ru don't collaborate, since they must collaborate for the trust to affect the results.

This is a huge difference from SSL, where unless you pin your application to trust only a single CA, you end up having to trust the entire universe of certificate authorities.

--
Nicholas Weaver                  it is a tale, told by an idiot,
nweaver@xxxxxxxxxxxxxxxxx        full of sound and fury,
510-666-2903                     .signifying nothing
PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
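The dual-path check described in the reply above, as an added example that is not part of the original message: the key is accepted only when both independently validated lookups return the same value. The resolver is injected so the logic runs offline; the domain names and the `resolve` callback contract (returns the validated record, or `None` when the name is absent or fails DNSSEC validation) are assumptions, and the zone data is constructed.

```python
# Added example (not from the original post): accept a key only when two
# independently validated DNSSEC lookups agree. The resolver is injected so
# the logic can run offline; a real deployment would pass a function that
# performs a DNSSEC-validating query and returns the record only when
# validation succeeded (e.g. the AD bit is set), otherwise None.
from typing import Callable, Optional

# Two "trust path" domains, as in the post. The names are illustrative.
PATH_DOMAINS = ("dnssec-info-domain.com", "dnssec-info-domain.ru")


class ValidationError(Exception):
    """Raised when a lookup fails DNSSEC validation or the paths disagree."""


def lookup_key(data: str, resolve: Callable[[str], Optional[str]]) -> str:
    """Look up {data} under every path domain and return the agreed key.

    resolve(name) returns the validated record value, or None if the name
    does not exist or fails DNSSEC validation. The key is accepted only if
    every path returns the same value, so a single registrar (or a single
    compromised path) cannot substitute a key on its own.
    """
    answers = []
    for domain in PATH_DOMAINS:
        name = f"{data}.{domain}"
        value = resolve(name)
        if value is None:
            raise ValidationError(f"no validated answer for {name}")
        answers.append(value)
    if len(set(answers)) != 1:
        raise ValidationError(f"paths disagree for {data}: {answers}")
    return answers[0]


# Constructed sample data standing in for validated DNS answers.
_FAKE_ZONE = {
    "alice.dnssec-info-domain.com": "KEY-ALICE-1",
    "alice.dnssec-info-domain.ru": "KEY-ALICE-1",
    "bob.dnssec-info-domain.com": "KEY-BOB-1",
    "bob.dnssec-info-domain.ru": "KEY-BOB-SUBSTITUTED",  # one path tampered
    "carol.dnssec-info-domain.com": "KEY-CAROL-1",       # .ru path missing
}


def fake_resolve(name: str) -> Optional[str]:
    """Stand-in resolver: returns the constructed record or None."""
    return _FAKE_ZONE.get(name)


def check(data: str) -> Optional[str]:
    """Return the agreed key, or None if the two paths fail to agree."""
    try:
        return lookup_key(data, fake_resolve)
    except ValidationError:
        return None
```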