Re: [Trans] DNSSEC also needs CT

Paul Wouters <paul@nohats.ca> Sun, 11 May 2014 15:38 UTC

Date: Sun, 11 May 2014 11:37:59 -0400
From: Paul Wouters <paul@nohats.ca>
To: Phillip Hallam-Baker <hallam@gmail.com>
In-Reply-To: <CAMm+LwjKDvi22SHLRDuEq=v4BXsD1_EyvCeuUxZBk7YDcLpr8w@mail.gmail.com>
Message-ID: <alpine.LFD.2.10.1405111136110.31230@bofh.nohats.ca>
References: <CAK3OfOjiL2DTJPH3CaAjg8YGrrwN56SgQ+DnqPXx4MLbgXQN+A@mail.gmail.com> <CAMm+Lwieij8Tm8V-gpE0eAfwie1dgtFL_Ga8dPkJFKJKLQDAcA@mail.gmail.com> <CAK3OfOiKjY6YyiyeHiFJrecZfj_uQ-2k+KucKnzb9Yt8VCRPOQ@mail.gmail.com> <CAHw9_iKpN7AXfrH6SzroMukrKTPR5z24U9KfWpVW-F2R_wX3ag@mail.gmail.com> <alpine.LFD.2.10.1405101722240.897@bofh.nohats.ca> <536F8BC4.5070405@fifthhorseman.net> <CAMm+LwjKDvi22SHLRDuEq=v4BXsD1_EyvCeuUxZBk7YDcLpr8w@mail.gmail.com>
User-Agent: Alpine 2.10 (LFD 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/Hr80lu-aBr2dk6Z9PXlnRAsQFrw
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] DNSSEC also needs CT
Precedence: list

On Sun, 11 May 2014, Phillip Hallam-Baker wrote:

> It is probably fair to assume that CT logs will be maintained by CAs

That would be a non-starter for those people (let's call them the defcon
crowd) who are looking at dnssec as a way out of the trust in a handful
of CAs or TLD operators.

> The main question is what purpose a CT log for DNSSEC would serve. For
> me the value would be to protect my domain against having it stolen by
> ICANN.

Or any of the parental zones above your own zone.

Paul

[Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] EXTERNAL: DNSSEC also needs CT Mehner, Carl
Re: [Trans] EXTERNAL: DNSSEC also needs CT Tao Effect
Re: [Trans] EXTERNAL: DNSSEC also needs CT Tao Effect
Re: [Trans] EXTERNAL: DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] EXTERNAL: DNSSEC also needs CT Tao Effect
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Warren Kumari
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Daniel Kahn Gillmor
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Joseph Bonneau
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Joseph Bonneau
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Salz, Rich
Re: [Trans] DNSSEC also needs CT Joseph Bonneau
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Joseph Bonneau
[Trans] Volunteer opportunity! (was Re: DNSSEC al… Melinda Shore
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Dmitry Belyavsky
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Nico Williams
[Trans] ***SPAM*** 8.1 (5) Re: DNSSEC also needs … Daniel Kahn Gillmor
Re: [Trans] DNSSEC also needs CT Nico Williams
[Trans] ***SPAM*** 7.971 (5) Re: ***SPAM*** 8.1 (… Ben Laurie
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Nico Williams
[Trans] ***SPAM*** 8.956 (5) Re: ***SPAM*** 8.1 (… Nico Williams
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Ben Laurie
[Trans] ***SPAM*** 8.1 (5) Re: Re: DNSSEC also ne… Daniel Kahn Gillmor
[Trans] ***SPAM*** 8.956 (5) Re: ***SPAM*** 8.1 (… Nico Williams
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Melinda Shore
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Dmitry Belyavsky
Re: [Trans] DNSSEC also needs CT Stephen Kent
Re: [Trans] DNSSEC also needs CT Osterweil, Eric
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Osterweil, Eric
Re: [Trans] DNSSEC also needs CT Paul Wouters
Re: [Trans] DNSSEC also needs CT Daniel Kahn Gillmor
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Stephen Kent
Re: [Trans] DNSSEC also needs CT Stephen Kent
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Stephen Kent
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Ben Laurie
Re: [Trans] DNSSEC also needs CT Phillip Hallam-Baker
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Dmitry Belyavsky
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… i-barreira
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Ben Laurie
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Ben Laurie
Re: [Trans] DNSSEC also needs CT Stephen Kent
Re: [Trans] DNSSEC also needs CT Stephen Kent
Re: [Trans] DNSSEC also needs CT Nico Williams
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Stephen Kent
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Dmitry Belyavsky
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Ben Laurie
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Dmitry Belyavsky
Re: [Trans] Volunteer opportunity! (was Re: DNSSE… Ben Laurie
[Trans] trans doc issues Stephen Kent