Re: [perpass] A reminder, the Network is the Enemy...

Russ Mundy <mundy@tislabs.com> Mon, 09 December 2013 04:14 UTC

Return-Path: <mundy@tislabs.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D1951A1F7C for <perpass@ietfa.amsl.com>; Sun, 8 Dec 2013 20:14:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Yv_bLs0-5lV for <perpass@ietfa.amsl.com>; Sun, 8 Dec 2013 20:14:29 -0800 (PST)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) by ietfa.amsl.com (Postfix) with ESMTP id 401421AC499 for <perpass@ietf.org>; Sun, 8 Dec 2013 20:14:29 -0800 (PST)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com (Postfix) with ESMTP id 86E2E28B0017 for <perpass@ietf.org>; Sun, 8 Dec 2013 23:14:24 -0500 (EST)
Received: from spiff.tislabs.com (nova.tislabs.com [10.66.1.77]) by nova.tislabs.com (Postfix) with ESMTP id 7FD3A1F8034 for <perpass@ietf.org>; Sun, 8 Dec 2013 23:14:24 -0500 (EST)
Received: from ubvm (unknown [10.66.1.77]) by spiff.tislabs.com (Postfix) with ESMTPS id 435645BBBD68; Thu, 5 Dec 2013 10:35:33 -0500 (EST)
Received: from [127.0.0.1] (unknown [172.16.115.10]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: mundy) by ubvm (Postfix) with ESMTPSA id 0076F27F007; Thu, 5 Dec 2013 10:35:31 -0500 (EST)
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Russ Mundy <mundy@tislabs.com>
In-Reply-To: <52A050E7.8010405@uni-due.de>
Date: Thu, 5 Dec 2013 10:35:30 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <C94CFC5A-3A5E-427E-B269-2457A696E2DC@tislabs.com>
References: <C0D19C51-6EA6-4EAF-B9CB-D80F673262E5@icsi.berkeley.edu> <52A050E7.8010405@uni-due.de>
To: perpass@ietf.org
X-Mailer: Apple Mail (2.1510)
Cc: Russ Mundy <mundy@tislabs.com>, =?iso-8859-1?Q?Matth=E4us_Wander?= <matthaeus.wander@uni-due.de>
Subject: Re: [perpass] A reminder, the Network is the Enemy...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 04:14:31 -0000

On Dec 5, 2013, at 5:09 AM, Matthäus Wander <matthaeus.wander@uni-due.de> wrote:

> * Nicholas Weaver [2013-12-02 17:56]:
>> Actually spoofing DNSSEC replies even with knowledge of the root key is going to be difficult...
> 
> If we assume the attacker can get the private root KSK from an US-based
> corp, then we should also assume they can get the private root ZSK from
> another US-based corp. As the owner of the root ZSK also owns the keys
> for .com, the attack becomes much easier.

If we (as the IETF) make an assumption that the DNSSEC private key(s) are "available" to some "unauthorized entity" (govt or otherwise) because a significant part of a particular operation is located in a particular geographic region then we need to also make a similar assumption for any/all Certification Authorities' root private key(s) since the underlying cryptographic technology widely used by TLS is basically the same.  The DigiNotar attack, though not geographically related, clearly illustrates that very bad things can happen when an "unauthorized entity" is able to have access to and use of root private keys for a CA.

I've seen some references on this list saying (essentially) that it is a valid assumption that an "attacker" ("unauthorized entity" might be a better term) can get or already has the DNS root (& maybe .com) private key.  Although I do not believe that this is a valid assumption, I do assert that if we (as the IETF) decide to make such an assumption relative to DNS/DNSSEC then we must make the same assumptions about "unauthorized entities" being able to access private root key(s) for any/all CAs.  I'm not sure how the IETF would somehow factor geopolitical boundaries into defining protocol assumptions, I suspect that any useful results would probably take longer than it's taken to design, redesign, redesign and begin deployment of DNSSEC :-).

OTOH, if there is real interest and need to change and/or enhance the security operations &/or protocols for the DNS or CA realms, having concrete proposals (such as  draft-grothoff-iesg-special-use-p2p-names-00.txt) is much more useful than trying to reach agreement on assumptions like the above (& other earlier email assertions).


Russ

> 
> Regards,
> Matt
> 
> -- 
> Universität Duisburg-Essen
> Verteilte Systeme
> Bismarckstr. 90 / BC 316
> 47057 Duisburg
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass