Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

John C Klensin <john@jck.com> Fri, 06 September 2013 15:46 UTC

Date: Fri, 06 Sep 2013 11:45:48 -0400
From: John C Klensin <john@jck.com>
To: Joe Abley <jabley@hopcount.ca>, Theodore Ts'o <tytso@mit.edu>
Subject: Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA
Message-ID: <D1E2C7E887348378A546E9F9@JcK-HP8200.jck.com>
In-Reply-To: <6F39C53D-D758-47F8-A6C5-968C6254150C@hopcount.ca>
References: <5F053C0B-4678-4680-A8BF-62FF282ADDCE@softarmor.com> <alpine.BSF.2.00.1309051743130.47262@hiroshima.bogus.com> <52293197.1060809@gmail.com> <CAMm+LwjdN478yyU=J7=GTpQxqtdgP8wtdEtna50X+WtA-bV3hg@mail.gmail.com> <52294BDC.4060707@gmail.com> <20130906033254.GH62204@mx1.yitter.info> <CAMm+Lwg9kJymBWaEXwZfQ=P5Uo-UmYoNvvzewnXjUu+mhg+QTQ@mail.gmail.com> <006001ceaad6$61f39640$4001a8c0@gateway.2wire.net> <5229D6B0.1040709@qti.qualcomm.com> <20130906141612.GC1249@thunk.org> <6F39C53D-D758-47F8-A6C5-968C6254150C@hopcount.ca>
Cc: IETF Discussion Mailing List <ietf@ietf.org>

--On Friday, September 06, 2013 10:43 -0400 Joe Abley
<jabley@hopcount.ca> wrote:

>> Can someone please tell me that BIND isn't being this stupid?
> 
> This thread has mainly been about privacy and confidentiality.
> There is nothing in DNSSEC that offers either of those,
> directly (although it's an enabler through approaches like
> DANE to provide a framework for secure distribution of
> certificates). If every zone was signed and if every response
> was validated, it would still be possible to tap queries and
> tell who was asking for what name, and what response was
> returned.

Please correct me if I'm wrong, but it seems to me that
DANE-like approaches are significantly better than traditional
PKI ones only to the extent to which:

	- The entities needing or generating the certificates
	are significantly more in control of the associated DNS
	infrastructure than entities using conventional CAs are
	in control of those CAs.

	- For domains that are managed by registrars or other
	third parties (I gather a very large fraction of them at
	the second level), whether one believes those registrars
	or other operators have significantly more integrity and
	are harder to compromise than traditional third party CA
	operators.

best,
   john
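The exchange above turns on where DANE's trust actually sits: a TLSA record only binds a certificate to a name if the record itself came from a DNSSEC-validated zone, so whoever operates that zone (registrar, DNS host, zone owner) plays the role the CA plays in PKIX. The following added example (not code from this thread or from any DNS software) implements the RFC 6698 certificate-association matching for all four usages and refuses to trust a record that was not DNSSEC-validated. Certificates are modelled as constructed (full DER, SubjectPublicKeyInfo DER) byte pairs rather than parsed X.509; `Cert`, `dane_accepts`, `make_tlsa` and the sample chain are assumptions of this example.

```python
import hashlib
from typing import List, Tuple

# Constructed model of a certificate: (full DER bytes, SubjectPublicKeyInfo DER bytes).
# Real code would parse X.509; the byte strings below are placeholders, not real certs.
Cert = Tuple[bytes, bytes]

def tlsa_association(selector: int, matching: int, cert: Cert) -> bytes:
    """RFC 6698 'certificate association data' for one certificate."""
    full, spki = cert
    data = full if selector == 0 else spki      # selector 0 = full cert, 1 = SPKI
    if matching == 0:
        return data                              # matching type 0 = exact contents
    if matching == 1:
        return hashlib.sha256(data).digest()     # matching type 1 = SHA-256
    if matching == 2:
        return hashlib.sha512(data).digest()     # matching type 2 = SHA-512
    raise ValueError(f"unknown matching type {matching}")

def parse_tlsa(rdata: str) -> Tuple[int, int, int, bytes]:
    """Parse presentation-format TLSA rdata: 'usage selector matching hexdata'."""
    usage, selector, matching, hexdata = rdata.split()
    return int(usage), int(selector), int(matching), bytes.fromhex(hexdata)

def dane_accepts(rdata: str, dnssec_validated: bool, chain: List[Cert], pkix_ok: bool) -> bool:
    """Decide whether a presented chain (end-entity first) satisfies a TLSA record.

    dnssec_validated: the resolver authenticated the record (AD bit / local validation).
    pkix_ok: the chain also passed ordinary PKIX validation (needed for usages 0 and 1).
    """
    if not dnssec_validated:
        return False          # unsigned or unvalidated zone: the record proves nothing
    usage, selector, matching, assoc = parse_tlsa(rdata)
    if usage in (0, 1) and not pkix_ok:
        return False          # PKIX-TA / PKIX-EE constrain PKIX rather than replace it
    # Usages 1 and 3 name the end-entity cert; 0 and 2 name a CA/trust anchor in the chain.
    candidates = chain[:1] if usage in (1, 3) else chain
    return any(tlsa_association(selector, matching, c) == assoc for c in candidates)

def make_tlsa(usage: int, selector: int, matching: int, cert: Cert) -> str:
    """Build the TLSA rdata a zone operator would publish for `cert`."""
    return f"{usage} {selector} {matching} {tlsa_association(selector, matching, cert).hex()}"

# Constructed sample chain: end-entity certificate followed by its issuing CA.
EE_CERT: Cert = (b"constructed-ee-cert-der", b"constructed-ee-spki-der")
CA_CERT: Cert = (b"constructed-ca-cert-der", b"constructed-ca-spki-der")
CHAIN: List[Cert] = [EE_CERT, CA_CERT]
RECORD_DANE_EE = make_tlsa(3, 1, 1, EE_CERT)   # "3 1 1 <sha256 of EE SPKI>"
```

Note that nothing in the function can distinguish a record the domain owner published from one inserted by whoever controls the signing keys for the zone; that is precisely the control question raised in the message.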