Re: Montevideo statement

Phillip Hallam-Baker <hallam@gmail.com> Tue, 08 October 2013 13:39 UTC

To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: IETF Discussion Mailing List <ietf@ietf.org>

On Tue, Oct 8, 2013 at 9:19 AM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:

>
> Phillip Hallam-Baker <hallam@gmail.com> wrote:
>     > I think the US executive branch would be better rid of the control before the
>     > vandals work out how to use it for mischief. But better would be to ensure that
>     > no such leverage exists. There is no reason for the apex of the DNS to be a
>     > single root, it could be signed by a quorum of signers (in addition to the key
>
> k-of-n signing for the DNSSEC root was talked about by many, including Tatu
> Ylonen back in 1996...
>

Most crypto hardware supports k-of-n keysplitting and most of the code out
there makes use of it. And PKIX CAs use k-of-n keysplitting on a monolithic
trust anchor rather than a composite trust anchor. So it is easy to see how
a technical decision would go that way.

But the idea of signing the root did not become a practical possibility
until much later. I certainly gave the issue no thought when looking at
signing .com. I certainly did not think that it was necessary to wait for
the root to be signed to sign .com.



> I have an alternate proposal: every country's ccTLD should sign the root,
> and/or the other TLDs.  That actually hands control of the DNS root back
> to the legislatures in each country.  True: some countries might have
> perverted notions of what belongs in the root, and we might get different
> views of the Internet.  But, this happens already using a variety of
> wrong mechanisms that cause harm to the Internet.
>

I think that is a better approach actually. The CC TLDs are in effect
members of a bridge CA and ICANN is merely the bridge administrator.

There would have to be adequate controls to ensure that transfer of the
root was practical of course. It is probably necessary for the CC TLDs to
be able to sign more than one bridge. After all, Europe has just spent many
billions replicating GPS. This would cost less.

And anyone who is a relying party can choose to chain to a single trust
anchor or use multiple anchors. So the quorate approach is still available
for those who want it. If France, Cuba, the US and India all agree on the
validity of the bridge root, then it is probably valid.



> Better they do this using good crypto, than that they do this by trying to
> subvert the (US-controlled) crypto.
>

It's not all US controlled, you can use GOST...


-- 
Website: http://hallambaker.com/
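
The quorate relying-party check described in the message above, as an added example that is not part of the original post: a root key set is accepted only when k of the relying party's configured trust anchors have each signed it. Lamport one-time signatures built from the standard library stand in for real DNSSEC algorithms, and the anchor names, `quorum_valid` and the key-set byte strings are constructed for illustration.

```python
import hashlib
import secrets

def H(b):
    return hashlib.sha256(b).digest()

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Lamport one-time key pair: each key must sign one message only.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for (i, b), s in zip(enumerate(bits(msg)), sig))

def quorum_valid(anchors, root_keyset, sigs, k):
    """anchors: {name: public key} chosen by the relying party.
    sigs: {name: signature over root_keyset}. Each anchor counts once."""
    good = sorted(n for n, s in sigs.items()
                  if n in anchors and verify(anchors[n], root_keyset, s))
    return len(good) >= k, good

def demo():
    names = ["fr", "cu", "us", "in"]          # constructed anchor set
    keys = {n: keygen() for n in names}
    anchors = {n: pk for n, (_, pk) in keys.items()}
    genuine = b"constructed root key set A"
    altered = b"constructed root key set B"
    sigs = {n: sign(keys[n][0], genuine) for n in ["fr", "cu", "in"]}
    ok = quorum_valid(anchors, genuine, sigs, k=3)
    # A single signer endorsing a different root stays below the quorum.
    lone = quorum_valid(anchors, altered, {"us": sign(keys["us"][0], altered)}, k=3)
    # Signatures over the genuine set do not validate any other set.
    reuse = quorum_valid(anchors, altered, sigs, k=3)
    return ok, lone, reuse

if __name__ == "__main__":
    print(demo())
```
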