Re: [perpass] A reminder, the Network is the Enemy...

Phillip Hallam-Baker <> Mon, 09 December 2013 05:54 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id ECFAB1AD8DA for <>; Sun, 8 Dec 2013 21:54:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h1VqOXuY_M_d for <>; Sun, 8 Dec 2013 21:54:09 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c05::22f]) by (Postfix) with ESMTP id 878A71AD7BE for <>; Sun, 8 Dec 2013 21:54:09 -0800 (PST)
Received: by with SMTP id hi5so3237589wib.14 for <>; Sun, 08 Dec 2013 21:54:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=EG3GSVTbfrQqO0AcpzMjd40KxBQBuT0l8pQPbtPZvLM=; b=lSCARn+c6PHGMyPSdyUp4Nt9Xk6gSgcgDyq1aXYOhnXeJoyaKY0zWkkfg42+pkQeim WrFoTpKBkGiOzvtx8Bp5hsuDx0edO8KZwLA1wDlmp2T1Zka8ITnznHiqry7MR6Vjj6fx tKowRTApksfxy8LVLs/iBEcTJlJlNiEtdXh4pHjV3/T/DgNGFRCKQlUF2h6ggLCoQjPY p+N1QJtYloq6GuIj2FyWaPIeeCZuh+poS6eOnFsmWiiOASLrssZhbMViwaIKkiOHYi8M B7VSYtGdlGUaOLy+TPy8ctMLxIZ+A39vZV+wu0qeTkroWZgksLGxv/x0GyWr0xeazCRv 1Y7w==
MIME-Version: 1.0
X-Received: by with SMTP id z13mr13865186wjw.27.1386568444431; Sun, 08 Dec 2013 21:54:04 -0800 (PST)
Received: by with HTTP; Sun, 8 Dec 2013 21:54:04 -0800 (PST)
In-Reply-To: <>
References: <> <> <>
Date: Mon, 9 Dec 2013 00:54:04 -0500
Message-ID: <>
From: Phillip Hallam-Baker <>
To: Russ Mundy <>
Content-Type: multipart/alternative; boundary=047d7bfcfc9896544904ed139fc3
Cc: perpass <>, =?ISO-8859-1?Q?Matth=E4us_Wander?= <>
Subject: Re: [perpass] A reminder, the Network is the Enemy...
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 09 Dec 2013 05:54:12 -0000

On Thu, Dec 5, 2013 at 10:35 AM, Russ Mundy <> wrote:

> On Dec 5, 2013, at 5:09 AM, Matthäus Wander <>
> wrote:
> > * Nicholas Weaver [2013-12-02 17:56]:
> >> Actually spoofing DNSSEC replies even with knowledge of the root key is
> going to be difficult...
> >
> > If we assume the attacker can get the private root KSK from an US-based
> > corp, then we should also assume they can get the private root ZSK from
> > another US-based corp. As the owner of the root ZSK also owns the keys
> > for .com, the attack becomes much easier.
> If we (as the IETF) make an assumption that the DNSSEC private key(s) are
> "available" to some "unauthorized entity" (govt or otherwise) because a
> significant part of a particular operation is located in a particular
> geographic region then we need to also make a similar assumption for
> any/all Certification Authorities' root private key(s) since the underlying
> cryptographic technology widely used by TLS is basically the same.  The
> DigiNotar attack, though not geographically related, clearly illustrates
> that very bad things can happen when an "unauthorized entity" is able to
> have access to and use of root private keys for a CA.

I agree with respect to covert attacks. Yes there is a risk in both cases
and the right control is to establish a very high probability of detection
so that it becomes an overt attack.

What is unique in the case of the DNSSEC is that there is only one root and
thus a government can perform a denial of service attack against TLDs.For
example asserting that signing the Cuba or Palestine roots would breach
existing sanctions legislation or passing new legislation.

And such scenarios do not seem at all far fetched to me having watched the
government shutdown.