IETF Logo Mail Archive

Re: [DNSOP] On trust anchors, roots of trust, humans and indirection

Tony Finch <dot@dotat.at> Sun, 01 April 2018 14:23 UTC

Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86A5C124C27 for <dnsop@ietfa.amsl.com>; Sun, 1 Apr 2018 07:23:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fgv0w-RiXXbq for <dnsop@ietfa.amsl.com>; Sun, 1 Apr 2018 07:23:27 -0700 (PDT)
Received: from ppsw-40.csi.cam.ac.uk (ppsw-40.csi.cam.ac.uk [131.111.8.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A063E124207 for <dnsop@ietf.org>; Sun, 1 Apr 2018 07:23:27 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:60588) by ppsw-40.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.138]:25) with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) id 1f2dtE-0009zM-lv (Exim 4.89_2) (return-path <dot@dotat.at>); Sun, 01 Apr 2018 15:23:24 +0100
Date: Sun, 01 Apr 2018 15:23:24 +0100
From: Tony Finch <dot@dotat.at>
To: Paul Vixie <paul@redbarn.org>
cc: "dnsop@ietf.org" <dnsop@ietf.org>, Phillip Hallam-Baker <phill@hallambaker.com>, Michael StJohns <msj@nthpermutation.com>
In-Reply-To: <5AC03BAA.3080601@redbarn.org>
Message-ID: <alpine.DEB.2.11.1804011521020.8307@grey.csi.cam.ac.uk>
References: <a9bd794f-41bc-9593-db0d-5424c84431a3@nthpermutation.com> <alpine.DEB.2.11.1803281105310.10477@grey.csi.cam.ac.uk> <cfc66d01-c8ce-b605-8074-8400b377f414@nthpermutation.com> <alpine.DEB.2.11.1803301403230.25657@grey.csi.cam.ac.uk> <CAMm+Lwj5JwrOTfWqNX740bgRYFn4k7gAhOB=cm=LYed=0Pu9pQ@mail.gmail.com> <alpine.DEB.2.11.1803301700030.30706@grey.csi.cam.ac.uk> <5ABE641F.6020501@redbarn.org> <alpine.DEB.2.11.1803312346270.5300@grey.csi.cam.ac.uk> <5AC03BAA.3080601@redbarn.org>
User-Agent: Alpine 2.11 (DEB 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/R5DCTDtbqbchzs6gpHOWHj-OGjc>
Subject: Re: [DNSOP] On trust anchors, roots of trust, humans and indirection
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Apr 2018 14:23:29 -0000

Paul Vixie <paul@redbarn.org> wrote:
>
> i suggest that bind, unbound, powerdns, and so on change their packaging to
> put the trust anchor in a different upgradeable package (.deb, .rpm, etc)
> than the software itself. until and unless the package manager is secured by
> DANE rather than by ssh/pgp/x509/etc, then the solution for being on the
> shelf for several months is, do a software update before you try to go
> online.

I think that's a good suggestion for the short term. For the longer
term I would like it to be possible to say that DANE is a reasonable
way to authenticate software updates, but at the moment it is not.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Viking, North Utsire, South Utsire: Variable, mainly northerly 3 or 4,
occasionally 5 for a time. Slight or moderate. Wintry showers. Good
occasionally poor.

v2.23.0 | Report a Bug | By Email