Re: [Trans] DNSSEC also needs CT

"Osterweil, Eric" <> Thu, 22 May 2014 17:32 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id EBF8F1A023D for <>; Thu, 22 May 2014 10:32:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id GeCB2i-pvJou for <>; Thu, 22 May 2014 10:32:42 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E63ED1A01C2 for <>; Thu, 22 May 2014 10:32:41 -0700 (PDT)
Received: from ([]) (using TLSv1) by ([]) with SMTP ID; Thu, 22 May 2014 10:32:40 PDT
Received: from ( []) by (8.13.6/8.13.4) with ESMTP id s4MHWdBV008179 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL) for <>; Thu, 22 May 2014 13:32:39 -0400
Received: from ([::1]) by ([::1]) with mapi id 14.03.0174.001; Thu, 22 May 2014 13:32:39 -0400
From: "Osterweil, Eric" <>
To: "" <>
Thread-Topic: [Trans] DNSSEC also needs CT
Thread-Index: AQHPa84LSH1SIX2llEKvVF71u2zhO5tNMA6AgAADCgA=
Date: Thu, 22 May 2014 17:32:38 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
x-originating-ip: []
Content-Type: multipart/signed; boundary="Apple-Mail=_EF12A61A-9F51-4CE6-918E-0A6B3818FF17"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
Subject: Re: [Trans] DNSSEC also needs CT
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 22 May 2014 17:32:44 -0000

On May 22, 2014, at 1:21 PM, Stephen Kent <>

> Nico,
>> DNSSEC is a PKI [of sorts; please, no need to pick nits about that].
> agreed.
>> It stands to reason that DNSSEC should have similar trust problems as
>> PKIX.  I believe it does indeed.
> PKIX, per se, does not have the trust problems that seem to motivate
> CT; the Web PKI does. That PKI has always had a serious problem because
> any TA can issue a cert for any Subject, irrespective of the Subject name.
> because DNSSEC intrinsically incorporate the equivalent of PKIX Name
> Constraints, it does not suffer from that specific problem. That's not to
> say that mis-issuance is not possible in DNSSEC, but rather that its
> effects are more limited.
>> It follows that things like CT that we're applying to PKIX should be
>> applied to DNSSEC as well, where possible.
> maybe.
>> I don't see any reason why CT couldn't be extended to DNSSEC.  IMO, it
>> should be done.
> I'll defer to DNS experts on that.

Without implying an presumption of expertise on DNS, I would argue that DNSSEC avoids the problems CT seems to be trying to solve by coupling its key learning (and verification) methods to the hierarchical namespace.  As Steve said (I believe) PKIX != Web PKI, and the problems addressed by CT seem to be focused more on the latter.  I don't think there is a key learning/verification dilemma in DNSSEC that CT is appropriate for.