This is a discussion on RE: DNSSEC - Signature Only vs the MX/A issue. - DNS ; AS I have been saying for over a decade security is risk management, not = risk elimination. The point you make is not new, Bruce Scheneir made it together with Carl = Ellison in a paper some years back. He ...
AS I have been saying for over a decade security is risk management, not =
The point you make is not new, Bruce Scheneir made it together with Carl =
Ellison in a paper some years back. He was wrong then and Secrets and =
Lies is essentially explaining why.
Most cases of administrative incompetence will result in a complete loss =
of service. DNSSEC does not add a significant number of new ways to =
screw up and the remedy is exactly the same.=20
The cases where administrative incompetence leads to a security breach =
are not as likely as direct attack and in any case very difficult to =
exploit successfully without inside knowledge that allows for more =
DNSSEC is not intended to control against administrator malfeasance.=20
> -----Original Message-----
> From: Masataka Ohta [mailto:firstname.lastname@example.org]=20
> Sent: Monday, December 11, 2006 7:48 PM
> To: Hallam-Baker, Phillip
> Cc: Paul Vixie; Christian Huitema; Ralph Droms; bert hubert;=20
> Subject: Re: DNSSEC - Signature Only vs the MX/A issue.
> Hallam-Baker, Phillip wrote:
> > If you want to make such statements first state your risk model.
> Are you saying it to Paul's statement of "so the Secure DNS=20
> model is end-to-end rather than interior-only."?
> Anyway, if you use your risk model, your statements is=20
> nothing more than a fantasy.
> I, instead, have been stating the reality that ISPs and zone=20
> administrators are equally (un)trustworthy.
> As a result, DNSSEC is NOT cryptographycally secure and is as=20
> secure as plain DNS.
> Masataka Ohta
to unsubscribe send a message to email@example.com with
the word 'unsubscribe' in a single line as the message text body.