Re: [DNSOP] DNSSEC as a Best Current Practice

Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Fri, 08 April 2022 05:27 UTC

Brian Dickson wrote:

>> Is there anyone who still thinks DNSSEC is cryptographically secure
>> or has protected TLDs more securely than diginotar?

> I'm not sure why "thinks" enters into the conversation.

You may replace it with "dreams".

> The facts are what matters here:

The important facts are that:

	DNSSEC is not cryptographically secure.

	DNSSEC "at the TLD level and higher", which
	includes the root zone, is only as trustworthy
	as diginotar.

> Taken together, this means that as long as there exists any CA which
> is weaker than some TLD, that automatically means that as a global
> system, DNSSEC is more cryptographically secure than WebPKI.

First, "CA" is terminology not specific to WebPKI, whatever
that means, but applies to PKI in general, including DNS. That is,
a DNSSEC TLD is a CA.

Second, "any CA which is weaker than some TLD" means not
"cryptographically weaker" but "operationally/physically
weaker". As such, your conclusion can only be "DNSSEC is
more operationally/physically secure than WebPKI".

Third, all the CAs, including TLDs, that pursue commercial
success present a very good appearance using such words as
"HSMs" or "four eyes minimum". That is, you can't
compare their actual operational/physical strength from
their formal documents.

Remember:

>> At the TLD level and higher, this involves HSMs and physical
>> access restrictions using a "four eyes minimum" approach.

> Not surprisingly, diginotar was equally strongly secure.

					Masataka Ohta