Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experts Tell Feds To Sign the DNS Root ASAP

Posted by kdawson on from the digital-john-hancock dept.

alphadogg sends along news that the US National Telecommunications and Information Administration has gotten plenty of feedback on its call for comments on securing the root zone using DNSSEC. The comment period closed yesterday, and more than 30 network and security experts urged the NTIA to implement DNSSEC stat. There were a couple of dissenting voices and a couple of trolls.

147 comments

  1. Feds are going to listen and ACT upon this? by geekmux · · Score: 4, Funny

    (Satan unpacking his sno-cone machine)

    "'Bout damn time I got to use this thing..."

  2. Trolls equal... by Jizzbug · · Score: 1, Interesting

    ...something with an uncommon opinion. In my experience, the trolls are usually right.

    --

    -=/\- Jizzbug -/\=-
    1. Re:Trolls equal... by Anonymous Coward · · Score: 4, Funny

      In my experience, the trolls are usually right.

      "You know, that 13-year-old kid DOES have a point. We should all stretch our anuses and put various large fruits inside our rectal cavities. And what those two ladies are doing with that cup is sheer genius. And I'm certain we can't agree more with his opinion of 'FUCK FUCK FUCK U CUNTS SHIT FUCK DAMN PISS COCK FUCK'. Gentlemen, as usual, we find that the trolls are, indeed, right! To the anus-stretching machines!"

    2. Re:Trolls equal... by Sir_Lewk · · Score: 2, Funny

      Oh the irony is sickening. All he did was state his apparently uncommon opinion and he gets modded troll?

      --
      "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
    3. Re:Trolls equal... by Chyeld · · Score: 1

      Trolls equal... (Score:-1, Troll)
      by Jizzbug (101250) on 11-25-08 01:16 PM (#25889765)

      ...something with an uncommon opinion. In my experience, the trolls are usually right

      Luckly, others agree and have modded you appropriately...

      Oh, wait...

    4. Re:Trolls equal... by e9th · · Score: 5, Funny

      Well, by his definition he's really been moderated "right".

    5. Re:Trolls equal... by sexconker · · Score: 1

      No, he's been moderated as expected. There's no implication that it was "right", correct, or just.

    6. Re:Trolls equal... by Sir_Lewk · · Score: 1

      Touché good sir.

      --
      "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
    7. Re:Trolls equal... by skrolle2 · · Score: 3, Insightful

      Except that trolling is taking an uncommon opinion just for the fun of it, to spark debate, to troll for comments, and to just piss people off.

      The claim that the trolls are usually right is wrong, they're actually not interested in the factual matters, they're only interested in controversy. ...wait, did I just get trolled? Crap.

    8. Re:Trolls equal... by mikkelm · · Score: 1

      Score:0, Troll

      This troll is right.

    9. Re:Trolls equal... by icedcool · · Score: 1

      Mod this guy up. He has somewhat of a point...

      Just because someone doesn't agree doesn't mean they are a troll, someone that is saying something to insight trouble is a troll.

      --
      Most people aren't thought about after they're gone. "I wonder where Rob got the plutonium" is better than most get.
    10. Re:Trolls equal... by FatdogHaiku · · Score: 2, Funny

      Touch WHAT?

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    11. Re:Trolls equal... by shentino · · Score: 1

      I'd consider the guys who DDoS'ed blue frog awhile ago to be trolls of the "Might makes Right" type.

    12. Re:Trolls equal... by Ihmhi · · Score: 2, Informative

      TouchSlashcodefucksupUnicode.

      --
      Random Thoughts From A Diseased Mind (Not For Dummies)
    13. Re:Trolls equal... by ceoyoyo · · Score: 4, Insightful

      Omit your second reason and I'll give you your definition. Taking an unusual viewpoint to spark debate is highly useful.

      I used to have a roommate who was doing a degree in social work. She came home one day gushing about the great debate they'd had. Everyone agreed! That's not a debate. That's a love-in badly in need of a skeptic (otherwise known as a shit-disturber).

    14. Re:Trolls equal... by Anonymous Coward · · Score: 0

      Pretty soon they'll be cracking http://change.gov/cms and stretching even more

    15. Re:Trolls equal... by marcosdumay · · Score: 1

      "Taking an unusual viewpoint to spark debate is highly useful."

      No, it is mostly useless. Debate is not something usefull on itself. Taking an unusual viewpoint is only usefull when there is some merit on that viewpoint.

      --
      Rethinking email
    16. Re:Trolls equal... by ceoyoyo · · Score: 1

      There is merit in almost any viewpoint. Particularly when everyone seems to agree with something, there's a lot of merit in considering an alternative.

      Hanging onto that viewpoint in the face of overwhelming contrary evidence is another matter entirely.

    17. Re:Trolls equal... by Ant+P. · · Score: 1

      é

      Neat trick I found out the other day. Slashdot actually lets you use HTML entities.

  3. DNSSEC ready for prime time? by jonaskoelker · · Score: 3, Interesting

    Is DNSSEC ready for prime time?

    Last I checked (admittedly more than a year ago), they were still working on a good way of refreshing the key; there were also other problems with DNSSEC that made it not quite ready for prime time.

    Does anyone know if the people involved have all said "Yep, it's done now, go use it"?

    It'd suck to be in the IPv4 situation: there's this thing we want to migrate to as soon as everyone else does as well.

    It's easy to say "let's try out some shit and drop it if it doesn't work" when very few people grow dependent on your work; when the whole world does so, it's a bit more difficult.

    1. Re:DNSSEC ready for prime time? by WiglyWorm · · Score: 5, Funny

      Well, the U.S. owns the internet, right? We should just pass a law for IPv6.

    2. Re:DNSSEC ready for prime time? by i.of.the.storm · · Score: 1, Insightful

      Huh? Was that post tongue in cheek, and the mods are just crazy, or am I missing something?

      --
      All your base are belong to Wii.
    3. Re:DNSSEC ready for prime time? by supradave · · Score: 1, Interesting

      Yes, it's ready. Secure64 has a secure operating system that was written from scratch to take advantage of the features of Itanium2 and a TPM, that is immune to rootkits and malware, that can hide the keys and sign the zone. One line in the NSD-like config, 'dnssec-automate: yes' and your zones are signed with 'best practice' key lengths and roll-over times.

      But it's not open source. How could anyone trust it? Independent labs have verified the claims. Yes, we're trying to sell a product that solves a problem and we're the only company that has the secure platform to do it with.

      It can act as the authoritative signer or it can plug in between your current authoritative and slaves and do a man-in-the-middle signing. No real changes to the infrastructure required.

      Nothing stopping people from abusing themselves with doing it manually.

      And it's DDoS resistant and does over 100,000 DNS qps, even under a DDoS attack (up to wire saturation).

    4. Re:DNSSEC ready for prime time? by arotenbe · · Score: 3, Interesting

      It's easy to say "let's try out some shit and drop it if it doesn't work" when very few people grow dependent on your work; when the whole world does so, it's a bit more difficult.

      In fact, that was what got us into this mess in the first place. We can't replace any part of the internet without breaking everything, so we just keep tacking on new standards and quick-fix patches. Someone needs to redesign the whole thing with an generalized, expandable security model. But then we would have two internets...

      "I think the problem here may be more of a question of getting rid of the bad internets and keeping the good internets."

      --
      Tomato wedge sperm darts that are Republican.
    5. Re:DNSSEC ready for prime time? by WiglyWorm · · Score: 1

      My post was very tongue in cheek. Not sure why I'm +5 informative.... +funny, maybe...

    6. Re:DNSSEC ready for prime time? by Cyberax · · Score: 2, Informative

      NSEC3 (http://tools.ietf.org/html/rfc5155) solves most of initial DNSSEC problems. But it's not yet supported by production versions of major DNS servers.

    7. Re:DNSSEC ready for prime time? by jonaskoelker · · Score: 0, Redundant

      Not sure why I'm +5 informative.... +funny, maybe...

      Someone wanted to give you a Karma bonus; points for Funny doesn't give you that.

      And even if it's mostly funny at first, the point underneath may very well be insightful.

    8. Re:DNSSEC ready for prime time? by jonaskoelker · · Score: 1

      Actually, I think that would work, if those not converting are punished.

      I think the rest of the world will follow suit. There are enough interesting pages on US-based servers that not offering IPv6 transit is a business non-starter.

      Would it be a good idea? "I'm from the government and I'm here to help you". I'm not sure what the outcome would be, and I think that outcomes are ultimately that which we should judge governmental actions by.

    9. Re:DNSSEC ready for prime time? by afidel · · Score: 3, Interesting

      That RFC makes my head hurt. After a few readings I can usually grok most RFC's, but that one is particularly dense with acronyms and references to other DNSSEC concepts not included in the RFC. Also I don't see any provision for multiple signers, my ideal system has each of the ROOT servers having their own key and each zone being signed with each of the keys from the ROOTS they trust. That way if some government or corporation does something you disagree with you can choose to revoke their key as either a signor or a receiver.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    10. Re:DNSSEC ready for prime time? by neoform · · Score: 1

      The US owns the network within their borders.

      Every country owns their own portion of the internet.

      Saying that the US owns the internet is like claiming the US owns Earth; the US controls the DNS servers, much the way the US has the most power in the world.. but that doesn't change that they only control the part of the internet that's located on US soil.

      --
      MABASPLOOM!
    11. Re:DNSSEC ready for prime time? by Joe+Snipe · · Score: 1

      Your comment made me realize how addicted I have become to World of Goo.

      --
      Sometimes, life itself is sarcasm...
    12. Re:DNSSEC ready for prime time? by Anonymous Coward · · Score: 0

      /s

      There fixed that for ya.

    13. Re:DNSSEC ready for prime time? by Ghubi · · Score: 1

      The US owns the network within their borders.

      AT&T, Time Warner, and Comcast might beg to differ with ya there. They seem to think they own the internet within the USA.

    14. Re:DNSSEC ready for prime time? by leenks · · Score: 1

      Whoosh

    15. Re:DNSSEC ready for prime time? by rs79 · · Score: 2, Interesting

      "Is DNSSEC ready for prime time?"

      Nope.

      I note with relish Vint Cerf and Joe Baptista, who couldm't be more apart on DNS agree that something othre than DNSSEC shuld be used. This is probably the only thing they agree on. And they're quite right.

      --
      Need Mercedes parts ?
    16. Re:DNSSEC ready for prime time? by xous · · Score: 1

      ICANN (A US Corporation) controls the root '.' DNS zone. They are the only company that can add DNSSEC. (Ignoring alternative root servers)

    17. Re:DNSSEC ready for prime time? by neoform · · Score: 1

      any country can decide to not use those DNS servers.. (e.g. China)

      --
      MABASPLOOM!
    18. Re:DNSSEC ready for prime time? by xous · · Score: 1

      They can /decide/ not to use those servers but your forgetting that people are lazy. Current resolver implementations are shipped with a root hints file that uses ICANN's servers. This also wouldn't prevent anyone from just using ICANN's anyway. (Unless they actively blocked connections to those servers)

  4. Why bother? For a CHEAP PKI... by nweaver · · Score: 5, Interesting

    With a conventional PKI for your SSL certificates, Verisign or the other CA gets a cut for EVERY server.

    With DNSSEC, the "CA" only gets a cut per domain. Thus DNSSEC can be used to offer key distribution with far less cost, once the root and the TLDs start signing records.

    (Not an original argument, but I agree with it.)

    --
    Test your net with Netalyzr
  5. DNS by Gizzmonic · · Score: 5, Funny

    Are you troubled by DNS cache poisoning...well don't worry!

    I wrote a song about it!

    Your domain will be safe,
    You'll be well on your way
    With DNS-SEC security!

    Signing is a breeze,
    Bring hackers to their knees
    With DNS-SEC security!

    I know you're grown attached to old
    Ways of doing things
    But when you update BIND
    Your heart will race to sing!

    DNS-SEC implementation
    Put the spammers on permanent vacation
    DNS-SEC implementation
    I hear it's got great documentation!

    Bind me, baby!

    (GUITAR SOLO)

    --
    (-1, Raw and Uncut is the only way to read)
    1. Re:DNS by DittoBox · · Score: 4, Funny

      You don't have a job do you?

      --
      Good. Cheap. Fast. Pick Two.
    2. Re:DNS by mrjohnson · · Score: 4, Funny

      Your domain will be safe,
      You'll be well on your way
      With DNS-SEC security!

      For some reason I heard Cartman's voice. Securi-tay

    3. Re:DNS by syousef · · Score: 4, Funny

      I have written a song for you too:

      Your musical ability
      Is sure to wisk you merrily
      From this shallow pool of genes
      For with music like that my friend,
      you'll never get laid,
      You'll never get laid.

      (Git-ar solo)

      --
      These posts express my own personal views, not those of my employer
    4. Re:DNS by callinyouin · · Score: 1

      I think you should change,
      "Bring hackers to their knees"
      to...
      "Bring hackers to their fucking knees"

      It just flows better.

    5. Re:DNS by Randle_Revar · · Score: 1

      >Git-ar

      Everyone uses git nowadays, but who uses ar? ... I think .deb does.

      Does this have something to do with git-buildpackage?

      --
      Climate Progress - Hell and High Water
    6. Re:DNS by syousef · · Score: 1

      Everyone uses git nowadays, but who uses ar? ... I think .deb does.

      My mistake. I should have said Git-tar. (Git-bzip2 just doesn't quite fit).

      --
      These posts express my own personal views, not those of my employer
    7. Re:DNS by Anonymous Coward · · Score: 0

      battery

    8. Re:DNS by MegaFur · · Score: 1

      I have been out of the loop for some time now. What tune should this be sung to?

      --
      Furry cows moo and decompress.
    9. Re:DNS by Anonymous Coward · · Score: 0

      respect my certificate autoritaaaaaah

  6. Btw, serious question: by Jizzbug · · Score: 0

    which "comments received" are being considered trolls?

    As you can see, I was right... And I'm being considered a troll because of it.

    This is the most troll-like comment I can find:

    http://www.ntia.doc.gov/DNS/comments/comment007.pdf

    but he's just being blunt and honest. Not that ICANN isn't corrupt, but he's not wrong about VeriSign!

    Personally, I think ISC should be in charge of the keys, but I didn't comment to say so (I would have been considered a troll, prolly).

    --

    -=/\- Jizzbug -/\=-
    1. Re:Btw, serious question: by Bill,+Shooter+of+Bul · · Score: 1

      Its not really what you say that makes you a troll( in this case), but how you say it, in this case. That comment isn't wrong, but its not using appropriate language for the forum. If he had just said something like "Verisign has repeatedly acted to maximize its short term profits at the expense, and against the interests of the general internet community. Therefore I feel it would be unwise to give them this additional responsibility."

      --
      Well.. maybe. Or Maybe not. But Definitely not sort of.
  7. not so fast by ejtttje · · Score: 5, Interesting

    I wouldn't be so quick brush aside dissension on this issue. This comment in particular:
    http://www.ntia.doc.gov/DNS/comments/comment034.pdf
    seemed well thought out, and at the end suggests several other workarounds with fewer issues. Namely, switch to using TCP instead of UDP so there's a handshake involved instead of blindly accepting incoming datagrams. It's not that the bug shouldn't be addressed, but maybe DNSSEC is the wrong answer.

    1. Re:not so fast by Intron · · Score: 2, Interesting

      Unfortunately, the comment is wrong. The Kaminsky bug is not cache poisoning by fraudulent UDP packets (which is a concern), it is using glue records to provide false NS address. Example:

      You visit a website which pulls an image from subdomain.malicious.example.com. To get that, you need to know its nameserver. So you ask malicious.example.com who tells you that the nameserver is ns.citibank.com and oh, BTW that address is 666.666.666 (glue record). Now your cache has a phony address for ns.citibank.com. This would be the same whether you were using TCP, UDP or carrier pigeon. Glue records are part of the DNS protocol.

      The way to fix the Kaminsky bug is not to switch to TCP or DNSSEC, it is to not cache glue records.

      --
      Intron: the portion of DNA which expresses nothing useful.
    2. Re:not so fast by Eunuchswear · · Score: 1

      You visit a website which pulls an image from subdomain.malicious.example.com. To get that, you need to know its nameserver. So you ask malicious.example.com who tells you that the nameserver is ns.citibank.com and oh, BTW that address is 666.666.666 (glue record).

      And you throw away the glue record 'cos ns.citibank.com is not inside malicious.example.com.

      Baliwick, right?

      --
      Watch this Heartland Institute video
    3. Re:not so fast by afidel · · Score: 1

      That was brought up when the flaw was released and the reason it doesn't work is that the glue records were a workaround for another DNS flaw (which I can't remember at the moment).

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    4. Re:not so fast by jonaskoelker · · Score: 1

      seemed well thought out

      It does, although I have some additions and disagreements.

      They characterize the spoofability of DNS replies as a flaw in UDP. I think that's incorrect. UDP isn't marketed as a data integrity protocol, it's marketed as a transport protocol. That job it does fine. TCP is the same thing: a transport protocol.

      A blind attacker against UDP has to guess a source port and a transaction ID. A blind attacker against TCP has to guess an initial sequence number as well. If you use SYN cookies (http://cr.yp.to/syncookies.html), that means 24 extra bits of randomness, for 56 in total. It's better than 32 (which takes 10 hours), but again: this is against blind attackers [those not in the middle].

      If you worry about men in the middle (as the paper does), TCP offers you no bonus: the man in the middle simply spoofs the receiving server's SYN+ACK and DNS reply.

      As an addition: with any DNS, you have to trust not only that the servers you get replies from are those you should be getting replies from, but also that they act how their customers want them to.

      That is, you have to trust them to give the right answers. DNSSEC doesn't ensure that when .com gives you the key for google.com, it really is the key google wanted .com to give you. It only gives you a key for google.com which you can check has been used to sign the records for google.com; .com could easily give you their key and the altered google.com records signed with th .com key.

      That taken into consideration, we have to trust the DNS servers. If we have authentic communication with them (through DNSCurve), we don't need the records to be stored in signed form, since they are signed during the transit and we trust the servers to give us the correct records.

      However, we still need some way of knowing the public key for the DNS servers we wish to contact.

      In summary:

      • Using UDP currently makes the easiest form of attack not too easy; moving to TCP makes it quite hard, but ultimately won't fix that problem.
      • Moving to TCP won't fix the man-in-the-middle
      • Using DNSCurve doesn't fixed the most important issue: that if we only have one CA (the root), we have all the problems of only having a single CA

      • I think the latter point is more problematic.

        The attacks worth carrying out to a degree where it causes people real problems are either against single big targets (DDos or break-in), or those easy to carry out in big numbers where you can extract money from your victim (Web Bank Phishing). The first doesn't affect individual citizens, and the second is handled through SSL. What's left to fix in DNS again?

        A cute side-note about DNSCurve: it uses the disemvoweled base32 alphabet (see http://en.wikipedia.org/wiki/Base32, grep for NVRAM and nintendo), but it allows 'u' instead of, say, '-' (which is a valid DNS character). I would like to use the public key fuckfuckfuckfuckfuckfuckfuck.jonaskoelker.some-dns.com ;)

    5. Re:not so fast by leto · · Score: 1

      you want a 3-way handshake per dns lookup? Are you crazy? Do you even know how many dns lookups your browser creates on average.

      You'd be looking at 10 seconds delay for a webpage like slashdot easilly

    6. Re:not so fast by modmans2ndcoming · · Score: 1

      TCP? are you insane? you will bloat the DNS system tremendously and it will then become susceptible to the sockstress attack performed on TCP stacks which exploits the way TCP is suppose to work.

    7. Re:not so fast by modmans2ndcoming · · Score: 1

      uhh... no, but thanks for playing.

    8. Re:not so fast by Anonymous Coward · · Score: 0

      Just like everything else, thwart the actual issue and side step it with a new technology. This is why I HATE microsoft software, they never fix stuff, they just break it a different way.

    9. Re:not so fast by ejtttje · · Score: 1

      Hate to break it to you, but it sounds to me like the encryption and key lookups from a lot of these other solutions have are going to have a lot more overhead than the TCP handshake.

      Besides, you have to do a TCP handshake for every HTTP connection, which is a concern (hence "keep-alive" option), but it's hardly a 10 second delay. Especially since you'll be querying your ISP's nameserver, so it'll be low-latency, not some distant server. And DNS entries are cached anyway, so it's not nearly as bad as you make it sound.

      That said, this isn't really my thing, but I'm hesitant regarding the bias to have the DNSSEC people rush their stuff into place as one of the core internet services when there are both other solutions and misgivings with theirs. This deserves some careful thought, not brushing criticisms aside as "trolls".

    10. Re:not so fast by Wowlapalooza · · Score: 3, Interesting

      That was the Kashpureff attack, not the Kaminsky attack. Your understanding of DNS cache poisoning attacks is unfortunately about a decade out of date. All major resolver implementation now do "bailiwick checking" and aren't fooled by crude, cheap tricks as you describe.

      The Kaminsky attack does use forged packets, which then poison the cache with bogus NS records in ways that are not blocked by bailiwick-checking. These bogus NS records then "redirect" future queries of names under the same delegation point. Yes, using TCP exclusively would add much more entropy to DNS transactions, and thus make them much more resilient to forgery and thus to Kaminsky attacks.

      But, at what cost? TCP is a hog, and typical DNS servers perform many millions of queries a day. Tens of millions and even hundreds of millions, are not uncommon.

      Also, the DNS standards explicitly say that TCP is used for ordinary queries only as a fallback in case the response doesn't fit in a UDP packet -- and since the introduction of EDNS0 it's actually becoming quite rare for TCP fallback to become necessary. So the standards would have to be updated, and DNS software would then have to be modified to reflect the new standards. DNSSEC has a huge head-start on your "TCP exclusively" proposal along the standards-approval process.

      Lastly, many firewall rulesets wouldn't allow TCP queries and responses as a regular occurrence, so they would need to be updated as well

      All of this would take many years to implement. From a cost/benefit standpoint and a how-soon-to-implement standpoint, DNSSEC comes out ahead of "TCP exclusively" and what you get when all is said and done is superior protection against Kaminsky attacks.

      "TCP exclusively" isn't a particularly original idea, by the way, see http://www.merit.edu/mail.archives/nanog/msg10298.html (August 9) and the subsequent discussion

    11. Re:not so fast by tamyrlin · · Score: 1

      I just briefed through this document and found something which was hideously wrong: (Oh dear, someone is wrong on the Internet!)

      "1024-bit encryption can be easily broken by script kiddies via bot nets or large
      organizations and governments having access to similar technology (computer
      resources). DNSSEC provides the world with a false sense of security."

      As far as I know there is zero evidence that script kiddies are capable of
      breaking 1024-bit RSA regardless of how many computers on the Internet that
      they have access to. Perhaps some government agencies can do this but there is
      certainly no evidence for this in the public literature...

    12. Re:not so fast by Phroggy · · Score: 1

      The Kaminsky exploit involves getting a reply to a request for subdomain.malicious.example.com that includes a glue record for www.example.com, which passes the bailiwick test.

      --
      $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
      $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
    13. Re:not so fast by Eunuchswear · · Score: 1

      By forging a reply to a request for subdomain.malicious.example.com, right?

      --
      Watch this Heartland Institute video
  8. Centralized DNS really the answer? by NinthAgendaDotCom · · Score: 3, Interesting

    It's funny how a regulated DNS still has so many security problems. I wonder if a distributed, non-governmental DNS that used a web of trust / trust ratings would work better for domain resolution.

    --
    -- http://ninthagenda.com/
    1. Re:Centralized DNS really the answer? by sexconker · · Score: 1

      Yeah, lets do that.
      I for one welcome our soon-to-be DNS bombing, v1agr@ providing overlords.

    2. Re:Centralized DNS really the answer? by Fastolfe · · Score: 1

      I can't imagine a way that this would work that would be anything but a total disaster. Since there would (presumably) be no central authority, you have no way of knowing that http://example.com/ is the same http://example.com/ that someone else is looking at. How would you share links? How would a bank advertise its URL? How would domain registrations work? How would SSL certificate registrations be vetted? If you try to distribute the SSL function as well, now you have no idea if https://example.com/ is the same https://example.com/ that someone else is looking at.

      The only way I can see this working is if we switched to a non-hierarchical (hierarchy requires an authority at the root) system, using GUIDs or some other mechanism that has some guarantees about uniqueness. But now you have two problems: 1) the label is useless, because you can't remember it or give it out in a TV commercial; and 2) you'd have store all of those labels someplace in a big, flat database.

      A need exists for a set of (reasonably) persistent, unique, meaningful identifiers for services on the Internet, and in order to ensure this, you need a central registry.

    3. Re:Centralized DNS really the answer? by Chandon+Seldon · · Score: 1

      If you know how to do it, do it. Even if you aren't comfortable with network programming, if you can specify a distributed DNS system that works, people will implement it for you. But it's awfully hard to argue that something that no-one has managed to implement is a better solution to a problem with an existing popular solution.

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    4. Re:Centralized DNS really the answer? by rs79 · · Score: 1

      "A need exists for a set of (reasonably) persistent, unique, meaningful identifiers for services on the Internet, and in order to ensure this, you need a central registry."

      Rubbish. As Bernstein pointed out a decade ago you could publish a cryptographically signed root zone via usenet.

      You'd probably want some tool to check consistancy and some tool to let you pick what tlds you want to support.

      So you don't actually need a central registry. You might say you need a single DNS root zone but you'd e wrong there too. Some people may want only .com and .us. Others may want whats there now. Others may want what's there now plus some of the other 1000 tlds that have been in submarine mode for a decade.

      While that may seem on the face of it, retarded, the cat was let out of the bag when people began spamblocking entire tlds from their universe (you need to primary the root for yourself, but this is trivial).

      As for DNSSEC I agree with Berntsteins decade old comments. It's garbage and there are much better ways to do this. An as much as I'm loathe to agree with Baptista, it does provide a false sense of security for a number of reasons (rogue employees being the one he mentioend, and Netsols MS mistake is about all the proof you need).

      --
      Need Mercedes parts ?
    5. Re:Centralized DNS really the answer? by Fastolfe · · Score: 1

      You might say you need a single DNS root zone but you'd e wrong there too. Some people may want only .com and .us.

      .com and .us are just roots of their own trees. Here, the roots are named, and you still need some authority to guarantee that this one .com is the same .com that everyone else is looking at. Once you distribute that function, you introduce ambiguity. What happens when someone else wants to start up their own .com? How do you guarantee that the "real" .com is the one people see if you have no central authority? Sure, you can distribute all of this via USENET, but you still have to get everyone to agree upon an authority.

  9. An explanation please? by PhysicsPhil · · Score: 4, Interesting

    For those of us who trust that this is something that matters, but aren't nerdy enough to understand. What is the problem that the experts were being consulted about?

    1. Re:An explanation please? by Anonymous Coward · · Score: 5, Informative

      It's about the DNS poisoning attacks from a few months ago. DNS Sec works properly when the top servers can vouch for the next server down the tree, but this only works if the top servers are secured with a well known public key.

      The issue is that the Federal bureau in charge of the root servers felt it had to go through the same bureaucratic process of getting consent, comments and so on and so forth that all federal regulations have to go through, by law. This takes a while, and a lot of people think they should have just done it.

      John Roth

    2. Re:An explanation please? by supradave · · Score: 2, Insightful

      The problem is that DNSSEC is a manually intensive proposition. Keys have to be rolled daily and those keys have to be generated on a machine that is not connected to a network, i.e. sneaker net. The problem stems from current OS implementations that allow you to have access to all the memory. If I could compromise your signing keys, I could sign your zone with my keys and probably get away with further damage as people would inherently trust DNS. The issue is automation. Since you cannot, on Linux or Windows or other OS, have it online and sign the keys automatically, the manual process takes a back seat. It would be a very time consuming job to handle more than a small zone. Plus the NIST manual is about 120 pages on how to do it to what the NIST standards would require. It not a trivial proposition. Since the keys from the signing box are in the clear, as well, they could be thefted by a crafty thief. Or they could walk out with the thumb drive that they were stored on for the sneaker net transaction.

    3. Re:An explanation please? by Chandon+Seldon · · Score: 1

      Why would it be any more difficult than running an automated CA? It's basically the same problem, and automated CAs manage to issue certificates in real time without too much trouble.

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    4. Re:An explanation please? by supradave · · Score: 1

      The problem with CA's is that, in general, when people get to a site with SSL that doesn't have a valid CA, people will tend to click through. I know I do it and I know the risks. I know not to do that if I'm going to a site that I exchange money with, but other sites I click through. Also, when phished, you may get to a duplicate site where you type in your username and password and then get forwarded back to your intended site, but the phisher now has your username and password. The problem with CA's is that if you cannot trust that you are actually getting to the site you expect to be at, what's the point? If you're not certain, you can be violated (taken for a ride, robbed, etc.). And who's to say that there aren't malicious cert providers that will provide a valid cert to a malicious site. Nobody is saying that CA's aren't valid, but if you cannot be sure you're going where you think you're going, no amount of extra security is going to help in every instance.

      With signed zones, you can verify that you are really talking to someone's email server and that they are talking to you. spam could be reduced. I'd welcome that.

    5. Re:An explanation please? by Anonymous Coward · · Score: 0

      Since the keys from the signing box are in the clear, as well, they could be thefted by a crafty thief. Or they could walk out with the thumb drive that they were stored on for the sneaker net transaction.

      Use a physically and remotely inaccessible system with only a power connection and a serial line. Allow only data in and signatures out. No other access, no software changes. Put as much automation as you want on other machines.

      I don't see any reason your signing keys have to be stored in the clear where people you don't trust have access to them.

  10. No goatse at NTIA by Jizzbug · · Score: 0

    I'm pretty sure if you look through the "comments received" on this issue, you will find NO goatse!

    Nevertheless: hahaha

    --

    -=/\- Jizzbug -/\=-
  11. Re:Why bother? For a CHEAP PKI... by ObsessiveMathsFreak · · Score: 5, Insightful

    Congratulation! You've just explained why the DNSSEC will never be implemented on the root server.

    --
    May the Maths Be with you!
  12. Gotten? by kick_in_the_eye · · Score: 1

    | Administration has gotten plenty of feedback

    WTF?

    try "received"

    Administration has received plenty of feedback

    Much better.

    1. Re:Gotten? by Anonymous Coward · · Score: 0

      feedback get!!!

    2. Re:Gotten? by bipbop · · Score: 4, Funny

      Gotten is standard in American English.

    3. Re:Gotten? by Jizzbug · · Score: 0

      Also,

      It's spelled "imfamous" and "dilemna", regardless of what your st00pid spellchecker says.

      --

      -=/\- Jizzbug -/\=-
    4. Re:Gotten? by jd · · Score: 1

      Ok, that does it. Gotten is legit American English? I'm going to patent the English language and sue Websters.

      --
      It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
    5. Re:Gotten? by TheRaven64 · · Score: 1

      It's also valid UK English, although it's somewhat archaic and only common in a few regional dialects.

      --
      I am TheRaven on Soylent News
    6. Re:Gotten? by Almahtar · · Score: 1
      As is "nother"

      This is one thing, but that's a whole nother thing.

      That doesn't mean it doesn't eat your soul little by little, day by day. It watches, and waits.

    7. Re:Gotten? by againjj · · Score: 1

      | Administration has gotten plenty of feedback WTF? try "received" Administration has received plenty of feedback Much better.

      What's wrong with gotten? It's a pp of get. Like "have taken". Try googling it. One thing to note is that it has dialectical variations -- "have got" and "have gotten" are different in some dialects but not others.

  13. exactly by Jizzbug · · Score: 0

    This is the most troll-like comment I can find:

    http://www.ntia.doc.gov/DNS/comments/comment007.pdf

    but he's just being blunt and honest. Not that ICANN isn't corrupt, but he's not wrong about VeriSign!

    Personally, I think ISC should be in charge of the keys, but I didn't write in to say so (I would have been considered a troll, prolly).

    [This is a repost of my "serious question" to my "troll's are usually right" thread which was modded "Troll" below.]

    --

    -=/\- Jizzbug -/\=-
    1. Re:exactly by Sloppy · · Score: 2, Interesting

      Let everyone be in charge of their own keys. There doesn't need to be a key. We can have Verisign do this and the feds and you and me.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  14. Why would the establishment prefer DNSSEC by Burz · · Score: 4, Insightful

    ...over ubiquitous use of SSL?

    Almost all of the extra overhead for crypto and/or signing is in processing the initial public key. So DNSSEC seems to make our systems work about as hard, without the benefit of encrypted data.

    OTOH, having an Internet trend set in with most servers switching to SSL (i.e. HTTPS, etc) keeps the government (and corps providing its "security" snooping services) from profiling people based on their everyday choices of art, books, and ways of socializing. It takes ISPs out of the loop as far as acting as surrogate cops snooping on peoples' data.

    If I wanted to further a police surveillance state, I would try to set a trend with DNSSEC instead of a different public key scheme that provides encryption along with verification for the same price... especially if the tools to implement the latter were already on everyone's system waiting to be fully used.

    1. Re:Why would the establishment prefer DNSSEC by amorsen · · Score: 1

      With secure DNS, key distribution for e.g. IPSEC or TLS becomes easier.

      --
      Finally! A year of moderation! Ready for 2019?
    2. Re:Why would the establishment prefer DNSSEC by xrayspx · · Score: 1

      Because changing DNS to TCP globally would cause a lot of networks to grind to a halt. I believe DNSSEC allows you to keep things UDP and fast.

      --
      I like music
    3. Re:Why would the establishment prefer DNSSEC by VeNoM0619 · · Score: 1

      OTOH, having an Internet trend set in with most servers switching to SSL (i.e. HTTPS, etc) keeps the government (and corps providing its "security" snooping services) from profiling people based on their everyday choices of art, books, and ways of socializing. It takes ISPs out of the loop as far as acting as surrogate cops snooping on peoples' data.

      If only you can mod higher than +5...
      Everything on the Internet SHOULD be encrypted. I really really wish that I could encrypt every piece of data I send and receive regardless of its content. The only current solutions for constant encryption are things like TOR which uses proxies and there's still a point for failure (the proxy itself to the destination), and can be LAGGY as hell...

      --
      Disclaimer: I am not god.
      We may not be created equal
      But we can be treated equal.
    4. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 1

      With secure DNS, key distribution for e.g. IPSEC or TLS becomes easier.

      Whereas with existing schemes like HTTPS, the client simply caches the acquired symmetric keys as needed. And non-browser applications could poll the default browser on a system in order to use its CA-based verification; that would allow such apps to distribute their own keys safely. (That is, if you're programming in a framework that doesn't already have PKI functionality.)

      I don't believe that whatever ease is gained in key distribution outweighs the technical problems and risk of abuse that DNSSEC carries. It all seems very specious to me, replacing an established address verification system with a less functional one.

    5. Re:Why would the establishment prefer DNSSEC by Anonymous Coward · · Score: 0

      I am by no means an expert, I am however the DNS admin for a mid sized business. From my limited reading it seems that setting up the ROOT servers with DNSSEC would provide a method by which I can authenticate the validity of the root responses without necessarily setting up my zones to do the same. I am much more concerned with root responding properly than with the minor chance someone would man in the middle our domains. Setting up DNSSEC for my zones will go on my list of todo's of course, but if I cant trust root whats the point.

      As for your SSL theory, who exactly is going to act as the super CA in your scenario? Seems like the corps you are so worried about are the ones validating the SLL certs to begin with. government interference would actually be EASIER with only a few master CA's. If you want privacy, use a proxy, dont mess with my dns.

      In regards to swapping from UDP to TCP, does anyone have numbers on the % increase in packet/byte traffic if you jump from UDP to TCP?

    6. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 1

      Because changing DNS to TCP globally would cause a lot of networks to grind to a halt. I believe DNSSEC allows you to keep things UDP and fast.

      I don't mean DNS over TCP. I'm talking about protocols like HTTPS making attacks on regular DNS futile.

    7. Re:Why would the establishment prefer DNSSEC by MasterOfMagic · · Score: 1

      It doesn't make those attacks futile. You can detect them, sure, but if you're getting bogus information from your DNS server, that's still a denial of service (because you can't get the real address of the site).

      Plus all that an adversary would need to do is watch the DNS requests as they come in to find out where people are going.

    8. Re:Why would the establishment prefer DNSSEC by MasterOfMagic · · Score: 1

      You can not do this with TCP/IP. The destination of where your packet is going has to be visible, whether this is the address of a proxy that will later forward your packet or the address of a IPSec gateway that will forward your packet or of the ultimate destination for your packet. Otherwise it will never get there. Now, you can encrypt the payloads (see IPSec), but you can't encrypt the destination address.

    9. Re:Why would the establishment prefer DNSSEC by amorsen · · Score: 1

      Whereas with existing schemes like HTTPS, the client simply caches the acquired symmetric keys as needed.

      The way it gets the public key of the site today is ridiculously insecure. It trusts a bunch of organizations, several of which have proven to be completely untrustworthy.

      You can used self-signed keys, but then the security is basically non-existent. There is no GPG-like system for the web.

      It all seems very specious to me, replacing an established address verification system with a less functional one.

      If you turn off DNSSEC in your resolver, nothing changed. I don't see how it can be less functional then.

      --
      Finally! A year of moderation! Ready for 2019?
    10. Re:Why would the establishment prefer DNSSEC by MasterOfMagic · · Score: 2, Informative

      Because SSL and DNSSEC solve two different problems. Unless you're doing DNS-over-SSL, which means running DNS in TCP mode.

    11. Re:Why would the establishment prefer DNSSEC by xrayspx · · Score: 1

      SSL is TCP only, DNSSEC is kind of like UDP-SSL for DNS. IIRC there is a proposal for TLS over UDP which would accomplish a similar thing, but I think the specific answer of DNSSEC accounts for all of this.

      --
      I like music
    12. Re:Why would the establishment prefer DNSSEC by Chandon+Seldon · · Score: 1

      The way it gets the public key of the site today is ridiculously insecure. It trusts a bunch of organizations, several of which have proven to be completely untrustworthy.

      I'm pretty sure that the same organizations would be in the chain for DNSSEC.

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    13. Re:Why would the establishment prefer DNSSEC by Sloppy · · Score: 1

      There is no GPG-like system for the web.

      There could be, if we'd just put it into the browsers.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    14. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 3, Interesting

      Because SSL and DNSSEC solve two different problems. Unless you're doing DNS-over-SSL, which means running DNS in TCP mode.

      I don't think so. A primary motivation for PKI-backed SSL was to protect against any misdirection, whether at the domain-name or IP address level.

      DNS over TCP isn't being suggested here. Normal DNS with a PKI-using protocol like HTTPS is what provides the protection I'm talking about. Its the scheme you and I already use whenever we make a purchase or do online banking.

      In the case of HTTPS, a interfering with either DNS resolution or misrouting an IP address will cause the connection to stop with a warning. In the case of DNSSEC, interference will generate an error message that most server and client software does not understand.

      With SSL/HTTPS/etc. the address is verified outside the DNS protocol. But it is still verified. Moving that verification into DNS doesn't really help unless you prefer to see most internet traffic remain unencrypted.

    15. Re:Why would the establishment prefer DNSSEC by amorsen · · Score: 1

      I'm pretty sure that the same organizations would be in the chain for DNSSEC.

      True, but at least the security is only as bad as that of one particular company. With regular TLS the security is as bad as that of the worst company.

      --
      Finally! A year of moderation! Ready for 2019?
    16. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 1

      Now, you can encrypt the payloads (see IPSec), but you can't encrypt the destination address.

      That is what onion routing is for. I suggest you read up on the Tor project, where the destination address is indeed encrypted and can't be traced back to the client.

      But anonymity isn't required in order for encryption over conventional links to add a great deal of privacy.

    17. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 1

      The PKI part of SSL can be used to verify addresses, and to exchange symmetric keys that can be used with any TCP or non-TCP stream.

    18. Re:Why would the establishment prefer DNSSEC by Burz · · Score: 1

      It doesn't make those attacks futile. You can detect them, sure, but if you're getting bogus information from your DNS server, that's still a denial of service (because you can't get the real address of the site).

      The same DOS issue applies to DNSSEC. It is not magic and cannot overcome determined interference... it can only prevent you from using falsified data as if it were genuine.

      Plus all that an adversary would need to do is watch the DNS requests as they come in to find out where people are going.

      Again no different with DNSSEC, since it does not encrypt anything... it only signs/verifies. Here is a nice overview with diagram.

      Neither technology was intended to provide anonymity for the 'who' of the connection, but SSL does hide the 'what' of our data. And though SSL was not meant for anonymity, it is the basis for anonymity in onion routing schemes like Tor, I2P and others.

    19. Re:Why would the establishment prefer DNSSEC by Anonymous Coward · · Score: 0

      I can't even begin to explain why this is the douchiest post in this entire thread.

      Way to be trite.

  15. Probably means you pay more actually. by TheLink · · Score: 5, Insightful

    Uh it's just a way for CAs to make money _twice_ (or more times).

    You'll still need CAs.

    How does DNSSEC stop the browser from giving Joe User a warning box that the https cert is not signed by a recognized CA?

    That's the only real reason why you pay CAs to sign your certs - to stop Joe User from being bothered it.

    That CA signing bullshit is little to do with security. Because the last I checked:

    1) nobody really goes through all the CAs bundled with their browser and says: "Yes I trust this CA, no I don't so I'll delete this". There are tons, do you know who they are and how trustworthy they really are? Do you really care? No all you care is that you don't get that warning.
    2) Verisign has proven that they voluntarily do dubious stuff and they've even misissued Microsoft certs (go look under Untrusted Publishers in IE's list of certs ;) ), and yet people _will_ leave the Verisign root certs in - because all you care is you don't that get warning.
    3) Do browser makers actually remove CAs who don't comply to some standard? Do they even have some meaningful standard in terms of security?
    4) AFAIK browsers don't warn you if the a valid cert changes to a different valid cert (even if it is signed by a different CA).

    As you can see, they're not really safer than self-signed certs. To me browsers should do that SSH thing and warn you if the cert has changed (whether it's self-signed or CA signed).

    In that light, forgive me if I'm not convinced that DNSSEC is really going to make things more secure :).

    It'll just be more of the same. One more way for Verisign and gang to make money for making people feel safe.

    --
    1. Re:Probably means you pay more actually. by klx · · Score: 1

      AFAIK browsers don't warn you if the a valid cert changes to a different valid cert (even if it is signed by a different CA).

      They definitely don't warn. Some local users think all unexpected windows are errors and somebody sure as hell needs to answer for them, so spawning a warning there would create a significant number of pointless helpdesk calls per renewal period per server.

      I don't really have an opinion on whether a new good cert should pop, except insofar as I have an opinion about the browsers' involvement in the trusted cert racket. Just saying what would happen if it did pop.

    2. Re:Probably means you pay more actually. by Anonymous Coward · · Score: 0

      Actually, DNSSEC is a hierarchical trust scheme through which you could theoretically provide the public key of the servers in your domain, thus rendering CAs obsolete.

    3. Re:Probably means you pay more actually. by jonaskoelker · · Score: 4, Informative

      You'll still need CAs.

      How does DNSSEC stop the browser from giving Joe User a warning box that the https cert is not signed by a recognized CA?

      That's the only real reason why you pay CAs to sign your certs - to stop Joe User from being bothered it.

      You don't need the CAs, once applications are rewritten to grab keys from the DNS instead.

      Using DNS as a PKI means that my DNS provider is now my CA. If I grab jonaskoelker.free-dns.com and I start out with only a trusted root key, I can learn free-dns's key and trust them. I can then securely send them my key, which they sign for free, along with my signed records.

      Then, when you go to jonas.free-dns.com with a modified firefox, that firefox will trust the DNS key for jonas.free-dns.com as an SSL key for jonas.free-dns.com as well, and you'll trust that the guy whose server you're talking to is the same guy as the one who got the name in the first place.

      With a changed Firefox, you won't need a CA.

      Now, changing how "we" (meaning our browsers) decide whether to trust a site may not be easy, but it can be done.

      If your DNS parent is com, all I can say is "Meet your new CA, same as the old CA" ;)

    4. Re:Probably means you pay more actually. by b1c1l1 · · Score: 1

      As you can see, they're not really safer than self-signed certs. To me browsers should do that SSH thing and warn you if the cert has changed (whether it's self-signed or CA signed).

      But you haven't solved the initial authentication process. Blindly typing 'yes' to the SSH key fingerprint the first time you connect is just as bad as blindly clicking through self-signed certificate warnings.

      You need a trusted medium for authentication -- bundling CA certificates is one approach to bootstrapping that process. (Granted, this requires that people authenticate the browsers they download...)

    5. Re:Probably means you pay more actually. by Lord+Byron+II · · Score: 1

      Interesting. I just checked.. Firefox 3 has 58 CA's installed. Didn't know that.

    6. Re:Probably means you pay more actually. by asdfghjklqwertyuiop · · Score: 1

      You need a trusted medium for authentication -- bundling CA certificates is one approach to bootstrapping that process.

      I think his point is that the current CA system does not adequately provide that either. I mean, come on, do you really trust "TÜRKTRUST Elektronik Sertifika Hizmet Salaycs" (for example) to do things like authenticate usbank.com? Because whoever the hell that is, they're in a lot of people's browsers by default.

    7. Re:Probably means you pay more actually. by MikeBabcock · · Score: 1

      DNS wasn't designed to be a CA and shouldn't be a CA. This is a technical problem with a technical solution and using DNSSEC on the TLDs in place of regular certs is not it.

      --
      - Michael T. Babcock (Yes, I blog)
    8. Re:Probably means you pay more actually. by TheLink · · Score: 1

      Can you really trust Verisign more than TURKTRUST?

      http://www.microsoft.com/technet/security/bulletin/MS01-017.mspx

      Network Solutions is a Verisign owned company which does DNS stuff:

      http://slashdot.org/article.pl?no_d2=1&sid=08/01/08/1920215
      http://yro.slashdot.org/article.pl?sid=04/02/26/235256&tid=123

      DNSSEC happens to be DNS + cert stuff. Go figure.

      --
    9. Re:Probably means you pay more actually. by TheLink · · Score: 1

      "You don't need the CAs, once applications are rewritten to grab keys from the DNS instead."

      1) Why would they rewrite browsers to do that? They're not even rewriting browsers to allow the option of making things more secure.

      2) Could you trust Verisign to sign the real free-dns.com key AND only the real free-dns.com key? http://www.microsoft.com/technet/security/bulletin/MS01-017.mspx
      http://slashdot.org/article.pl?no_d2=1&sid=08/01/08/1920215
      http://yro.slashdot.org/article.pl?sid=04/02/26/235256&tid=123

      2.1) Will free-dns sign any key for jonaskoelker.free-dns.com from anyone claiming to be Jonas Koelker? How do they know it's the right Jonas?

      Sorry, I still don't see how you get better (or actual) security with that scheme.

      I see greater potential for higher costs.

      --
    10. Re:Probably means you pay more actually. by jonaskoelker · · Score: 1

      2.1) Will free-dns sign any key for jonaskoelker.free-dns.com from anyone claiming to be Jonas Koelker? How do they know it's the right Jonas?

      Ah... we need to be able to store an "identity verified" bit in DNS...

  16. Re:Why bother? For a CHEAP PKI... by Anonymous Coward · · Score: 0

    You forget there are much, much more domains then there are SSL enabled servers.
    Fortunately, DNSSec does not require buying a certificate for each domain.

  17. Re:Why bother? For a CHEAP PKI... by Jizzbug · · Score: 0

    Just switch back to the original DNS domain pricing model: $100 per year per domain at InterNIC. The $100 is more than enough to cover any VeriSign-like key management fees.

    This would also have the added benefit of taxing domain squatters.

    It isn't such a big deal if keys come with the registration of domains. It is a big deal if a single private corporation is getting a cut of every domain sold (as in if VeriSign is given control over the keys).

    --

    -=/\- Jizzbug -/\=-
  18. Re:Why bother? For a CHEAP PKI... by denis-The-menace · · Score: 0

    I wish I had mod points for you!

    --
    Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
  19. Dissenting voices by Anonymous Coward · · Score: 0

    On behalf of the Association of Spammers, Scammers, and Dirty Crooks, they respectively vote no on strengthening our nation's DNS services.

    1. Re:Dissenting voices by geminidomino · · Score: 1

      On behalf of the Association of Spammers, Scammers, and Dirty Crooks, they respectively vote no on strengthening our nation's DNS services.

      I dunno about that... Most of them voted to renew that patriot act....

  20. Re:Why bother? For a CHEAP PKI... by supradave · · Score: 1

    I tend to agree.

  21. Nice way to end the song... by sethstorm · · Score: 4, Funny

    Bind me, baby!

    The S in S&M does not stand for Security.

    --
    Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
  22. Why only one CA? (And it's the feds?!) by Sloppy · · Score: 5, Interesting

    I love beating this dead horse: OpenPGP is the one scheme that authentication right, and DNS is Yet Another great example where OpenPGP should be used instead of the obsolete X.509.

    Why would I trust the feds as an introducer? We already know that they do attempt MitMs sometimes, and there's already a history of DNS abuses ordered by presumably well-intentioned courts. But even if this organization had a good reputation, it's just plain dumb to put all your eggs in one basket. There should be provisions multiple certifiers of an identity, so that users decide who is trustworthy and who isn't.

    If the feds are going to sign, I hope they use an OpenPGP signature (which apparently the spec allows!), but I somehow doubt they would want to lend any legitimacy to a scheme that actually lets people authenticate identities, instead of the one intended to create monopolies and single points of failure.

    I have no problem with the feds helping out on this, but we shouldn't completely trust them, and we have the technology so that we don't have to. PRZ gave it to us a couple decades ago.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    1. Re:Why only one CA? (And it's the feds?!) by Anonymous Coward · · Score: 0

      They mentioned KSK held by more than one RKO in proposal 6 but it seems the heavyweights are leaning towards prop4.

    2. Re:Why only one CA? (And it's the feds?!) by Chandon+Seldon · · Score: 3, Insightful

      This is a case where you're right, everyone who has thought about it agrees that you're right, and that's still not the design decision that's going to be made.

      The issue here is a disagreement on goals. You want to make it so that someone who goes to the necessary effort can be secure against an arbitrary attacker. Others want to make it so that someone who goes to no effort will be secure from one step technical attacks by poorly funded attackers. People who are interested in the second case, which includes all major application developers including Mozilla, dismiss the proof of your point ("what about malicious CAs") as being out of scope.

      The only solution to this problem that I can see is to try to provide real security and decentralized infrastructure in as many cases as possible. Why don't we have a Mozilla plugin that uses OpenPGP for SSL with a revolutionary UI that makes it practically useful? Why don't we have distributed DNS? Once we have proof of concept and working code, it'll be much easier to argue that we should be doing these things correctly.

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    3. Re:Why only one CA? (And it's the feds?!) by Sloppy · · Score: 1

      that's still not the design decision that's going to be made.

      I'm not so idealistic as to disagree, but..

      People who are interested in the second case, which includes all major application developers including Mozilla, dismiss the proof of your point ("what about malicious CAs") as being out of scope

      ..the solution for the first case can also achieve the goals of the second. If they want to include a trusted-by-default OpenPGP public key with Firefox, they could.

      I don't think they'll listen, but I think it's a good idea to keep mentioning it, if for no other reason than to be able to say "told you so" later.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    4. Re:Why only one CA? (And it's the feds?!) by Chandon+Seldon · · Score: 1

      If they want to include a trusted-by-default OpenPGP public key with Firefox, they could.

      How would that help? Either they'd have to then use that OpenPGP certificate to sign site certificates (and thus either become a CA or create a new class of OpenPGP CAs out of the certificates that they did sign).

      --
      -- The act of censorship is always worse than whatever is being censored. Always.
    5. Re:Why only one CA? (And it's the feds?!) by rs79 · · Score: 1

      " This is a case where you're right, everyone who has thought about it agrees that you're right, and that's still not the design decision that's going to be made."

      "The Internet is about consensus, not truth. Never confuse the two. - Brian Reid (who, funded BIND's development)

      --
      Need Mercedes parts ?
  23. why only one CA by bugs2squash · · Score: 4, Interesting

    I don't see why any nameserver (especially the root nameservers) could not carry signatures from multiple CAs. Maybe that's not DNSSEC (I can't be bothered to read the RFCs !) but it's certainly a technical possibility.

    Also, I think any device looking up any DNS record can chose to ignore the signatures if it wants to anyway (most will).

    So I fail to see what all the conspiracy issues are surrounding the signature of the root name servers. It seems a far cry from implementing a system to roll dnssec out to every nameserver and if a better solution comes along later, or DNSSEC gets better, the new ideas can probably get bolted on.

    --
    Nullius in verba
    1. Re:why only one CA by leto · · Score: 1

      indeed. you can ignore what you want. You can only create your own "secure entry point" that override a parental DNSKEY if you would want to (Think China removing .tw entries). Anyone who controls a resolver can do this. It's a one line configuration change.

      The root key is not Sauron's Ring

  24. Re: Two Internets... by Anonymous Coward · · Score: 0

    ...Someone needs to redesign the whole thing with an generalized, expandable security model. But then we would have two internets...

    Two Internets. Hrm, let's see, one Internet for porn, and the other for...well, everything else. Works for me.

    If you need me, I'll be watching streaming 1080p HD video on fellatio-artist.com from my 250Mb connection over IPv6...

  25. Use Shamir's Secret Sharing algorithm by Anonymous Coward · · Score: 0

    Keep your passwords in a password locker, encrypt your master password using: http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing

    Distribute the fragments among trusted friends, lawyers, etc with instructions to recover your master password upon your death.

    1. Re:Use Shamir's Secret Sharing algorithm by rs79 · · Score: 1

      Shamir's algorithm is very clever. And cleverness is in short supply these days, especially in the dns.

      I'm just thinking out loud here, but it seems to me if the source of authority field in the SOA statement were an IP and not a domain name, and each nameserver had a txt record with part of the zone maintainer signtaure of the whole zone that might work better than DNSSEC. Am I missing something here?

      You'd have to change nameserver code but it's all gonna have to change anyway. Abd Bernstein said he's not gonna add something as stupid as DNSSEC to djbsns, which you'll note doesn't have the problem trying to be solved here in the first place.

      Bind and the industry's insistance on superfluous A records is disgusting. I'm shocked there haven't been more problems because of it. Recall Kashpureffs hijacking of the internic was done this way and one of the conditions of his probation was he had to explain to Kosters how to fix it. Ignore out of baliwick A records is still not well understood, and frankly made worse by the change to the structure of the DNS industry made by Commerce. It was bad enough when NSI had the wrong A record, but you could actually call them and get the to change it. Now each registrar can (and sometimes do) publish A records they shouldn't and the fun begins when two of them have different A records for the same name. It took a year to convince one of the top ten registrars staff that this was actually a problem.

      So don't feel bad if you don't get it. Most of the industry doesn't either.

      In theory you need one A record in the entire DNS. In can kick start itself from there. It's actually be shown to me you can rebuild the entirity of DNS just from scanning web pages.

      But for practicial purposes you could get by with a very small number of A records in the legacy DNS. To be sure, things would be a bit slower, but "right" is better than "quick".

      --
      Need Mercedes parts ?
  26. new ideas can probably get bolted on by Dareth · · Score: 1

    That is how Frankenstein's monster got his head, it was bolted on later as an afterthought. And man was it an ugly hack!

    --

    I only look human.
    My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
  27. Feds won't sign by ReedYoung · · Score: 1

    ... until they've showed it to their lawyer.

    --
    "I can't imagine how things could get any worse!" (some guy) "That could just be failure of imaginatioÂn on your p
  28. Re:Why bother? For a CHEAP PKI... by ThreeGigs · · Score: 1

    With a conventional PKI for your SSL certificates, Verisign or the other CA gets a cut for EVERY server.

    With DNSSEC, the "CA" only gets a cut per domain. Thus DNSSEC can be used to offer key distribution with far less cost, once the root and the TLDs start signing records

    OK, I give up. What's EVERY an acronym for, again?

  29. TCP not an option performance-wise by js_sebastian · · Score: 1

    I was at a talk some time ago where people who run several european root domains were discussing the issue and all seemed to agree that TCP is not an option because it would greatly increase their load.

    That said, I don't know how DNSSEC would be any more light on the CPU... I don't know the details but I assume you would have to sign every DNS packet that you send...

  30. Re: Two Internets... by Anonymous Coward · · Score: 0

    Two Internets. Hrm, let's see, one Internet for porn, and the other for...

    More porn.

  31. We already have a Mozilla PGP UI by Burz · · Score: 1

    The Enigma extension for Thunderbird exists, is rather nice, and isn't setting the computer security market on fire.

    Likewise, SMIME is built into modern email clients (and is dead-simple to use in Outlook Express) but is rarely used.

    WE, the computer cognoscenti, the IT Crowd, have not brought our co-workers, family and other end-users over the psychological threshold that marks the transition from "password user" to "key user".

    The main disincentive is that contemporary desktop operating systems do not make the key and the certificate into a tangible object such as a document, photo or mp3 file. There are no truly unified key-management "keychain" programs; keys and cert files do not get an intuitive icon and association with a keychain manager. So when regular users and power users start to grapple with signing and encryption, they become uneasy and frustrated in ways that the metal keys in their pockets or magnetic keys in their wallets do not.

    Make it easy for people to actually handle keys and certs system-wide, and very many will begin using them.