Return-Path: <mundy@tislabs.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com
 (Postfix) with ESMTP id 5D1951A1F7C for <perpass@ietfa.amsl.com>;
 Sun,  8 Dec 2013 20:14:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level: 
X-Spam-Status: No,
 score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,
 RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Yv_bLs0-5lV for
 <perpass@ietfa.amsl.com>; Sun,  8 Dec 2013 20:14:29 -0800 (PST)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) by
 ietfa.amsl.com (Postfix) with ESMTP id 401421AC499 for <perpass@ietf.org>;
 Sun,  8 Dec 2013 20:14:29 -0800 (PST)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com
 (Postfix) with ESMTP id 86E2E28B0017 for <perpass@ietf.org>;
 Sun,  8 Dec 2013 23:14:24 -0500 (EST)
Received: from spiff.tislabs.com (nova.tislabs.com [10.66.1.77]) by
 nova.tislabs.com (Postfix) with ESMTP id 7FD3A1F8034 for <perpass@ietf.org>;
 Sun,  8 Dec 2013 23:14:24 -0500 (EST)
Received: from ubvm (unknown [10.66.1.77]) by spiff.tislabs.com (Postfix) with
 ESMTPS id 435645BBBD68; Thu,  5 Dec 2013 10:35:33 -0500 (EST)
Received: from [127.0.0.1] (unknown [172.16.115.10]) (using TLSv1 with cipher
 ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested)
 (Authenticated sender: mundy) by ubvm (Postfix) with ESMTPSA id 0076F27F007;
 Thu,  5 Dec 2013 10:35:31 -0500 (EST)
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Russ Mundy <mundy@tislabs.com>
In-Reply-To: <52A050E7.8010405@uni-due.de>
Date: Thu, 5 Dec 2013 10:35:30 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <C94CFC5A-3A5E-427E-B269-2457A696E2DC@tislabs.com>
References: <C0D19C51-6EA6-4EAF-B9CB-D80F673262E5@icsi.berkeley.edu>
 <52A050E7.8010405@uni-due.de>
To: perpass@ietf.org
X-Mailer: Apple Mail (2.1510)
Cc: Russ Mundy <mundy@tislabs.com>,
 =?iso-8859-1?Q?Matth=E4us_Wander?= <matthaeus.wander@uni-due.de>
Subject: Re: [perpass] A reminder, the Network is the Enemy...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. "
 <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>,
 <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>,
 <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 04:14:31 -0000

On Dec 5, 2013, at 5:09 AM, Matth=E4us Wander =
<matthaeus.wander@uni-due.de> wrote:

> * Nicholas Weaver [2013-12-02 17:56]:
>> Actually spoofing DNSSEC replies even with knowledge of the root key =
is going to be difficult...
>=20
> If we assume the attacker can get the private root KSK from an =
US-based
> corp, then we should also assume they can get the private root ZSK =
from
> another US-based corp. As the owner of the root ZSK also owns the keys
> for .com, the attack becomes much easier.

If we (as the IETF) make an assumption that the DNSSEC private key(s) =
are "available" to some "unauthorized entity" (govt or otherwise) =
because a significant part of a particular operation is located in a =
particular geographic region then we need to also make a similar =
assumption for any/all Certification Authorities' root private key(s) =
since the underlying cryptographic technology widely used by TLS is =
basically the same.  The DigiNotar attack, though not geographically =
related, clearly illustrates that very bad things can happen when an =
"unauthorized entity" is able to have access to and use of root private =
keys for a CA.

I've seen some references on this list saying (essentially) that it is a =
valid assumption that an "attacker" ("unauthorized entity" might be a =
better term) can get or already has the DNS root (& maybe .com) private =
key.  Although I do not believe that this is a valid assumption, I do =
assert that if we (as the IETF) decide to make such an assumption =
relative to DNS/DNSSEC then we must make the same assumptions about =
"unauthorized entities" being able to access private root key(s) for =
any/all CAs.  I'm not sure how the IETF would somehow factor =
geopolitical boundaries into defining protocol assumptions, I suspect =
that any useful results would probably take longer than it's taken to =
design, redesign, redesign and begin deployment of DNSSEC :-).

OTOH, if there is real interest and need to change and/or enhance the =
security operations &/or protocols for the DNS or CA realms, having =
concrete proposals (such as  =
draft-grothoff-iesg-special-use-p2p-names-00.txt) is much more useful =
than trying to reach agreement on assumptions like the above (& other =
earlier email assertions).


Russ

>=20
> Regards,
> Matt
>=20
> --=20
> Universit=E4t Duisburg-Essen
> Verteilte Systeme
> Bismarckstr. 90 / BC 316
> 47057 Duisburg
>=20
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass