Slashdot Mirror


Experts Tell Feds To Sign the DNS Root ASAP

alphadogg sends along news that the US National Telecommunications and Information Administration has gotten plenty of feedback on its call for comments on securing the root zone using DNSSEC. The comment period closed yesterday, and more than 30 network and security experts urged the NTIA to implement DNSSEC stat. There were a couple of dissenting voices and a couple of trolls.

9 of 147 comments

  1. Why bother? For a CHEAP PKI... by nweaver · Score: 5, Interesting

    With a conventional PKI for your SSL certificates, Verisign or the other CA gets a cut for EVERY server.

    With DNSSEC, the "CA" only gets a cut per domain. Thus DNSSEC can be used to offer key distribution with far less cost, once the root and the TLDs start signing records.

    (Not an original argument, but I agree with it.)

    --
    Test your net with Netalyzr
  2. DNS by Gizzmonic · Score: 5, Funny

    Are you troubled by DNS cache poisoning...well don't worry!

    I wrote a song about it!

    Your domain will be safe,
    You'll be well on your way
    With DNS-SEC security!

    Signing is a breeze,
    Bring hackers to their knees
    With DNS-SEC security!

    I know you're grown attached to old
    Ways of doing things
    But when you update BIND
    Your heart will race to sing!

    DNS-SEC implementation
    Put the spammers on permanent vacation
    DNS-SEC implementation
    I hear it's got great documentation!

    Bind me, baby!

    (GUITAR SOLO)

    --
    (-1, Raw and Uncut is the only way to read)
  3. not so fast by ejtttje · Score: 5, Interesting

    I wouldn't be so quick to brush aside dissension on this issue. This comment in particular:
    http://www.ntia.doc.gov/DNS/comments/comment034.pdf
    seemed well thought out, and at the end suggests several other workarounds with fewer issues. Namely, switch to using TCP instead of UDP so there's a handshake involved instead of blindly accepting incoming datagrams. It's not that the bug shouldn't be addressed, but maybe DNSSEC is the wrong answer.

  4. Re:Trolls equal... by e9th · Score: 5, Funny

    Well, by his definition he's really been moderated "right".

  5. Re:DNSSEC ready for prime time? by WiglyWorm · Score: 5, Funny

    Well, the U.S. owns the internet, right? We should just pass a law for IPv6.

  6. Re:Why bother? For a CHEAP PKI... by ObsessiveMathsFreak · Score: 5, Insightful

    Congratulations! You've just explained why DNSSEC will never be implemented on the root server.

    --
    May the Maths Be with you!
  7. Probably means you pay more actually. by TheLink · Score: 5, Insightful

    Uh, it's just a way for CAs to make money _twice_ (or more times).

    You'll still need CAs.

    How does DNSSEC stop the browser from giving Joe User a warning box that the https cert is not signed by a recognized CA?

    That's the only real reason why you pay CAs to sign your certs - to stop Joe User from being bothered by it.

    That CA signing bullshit has little to do with security. Because the last I checked:

    1) nobody really goes through all the CAs bundled with their browser and says: "Yes I trust this CA, no I don't so I'll delete this". There are tons; do you know who they are and how trustworthy they really are? Do you really care? No, all you care about is that you don't get that warning.
    2) Verisign has proven that they voluntarily do dubious stuff and they've even misissued Microsoft certs (go look under Untrusted Publishers in IE's list of certs ;) ), and yet people _will_ leave the Verisign root certs in - because all you care about is that you don't get that warning.
    3) Do browser makers actually remove CAs who don't comply with some standard? Do they even have some meaningful standard in terms of security?
    4) AFAIK browsers don't warn you if a valid cert changes to a different valid cert (even if it is signed by a different CA).

    As you can see, they're not really safer than self-signed certs. To me browsers should do that SSH thing and warn you if the cert has changed (whether it's self-signed or CA signed).

    In that light, forgive me if I'm not convinced that DNSSEC is really going to make things more secure :).

    It'll just be more of the same. One more way for Verisign and gang to make money for making people feel safe.

    --
  8. Re:An explanation please? by Anonymous Coward · Score: 5, Informative

    It's about the DNS poisoning attacks from a few months ago. DNSSEC works properly when the top servers can vouch for the next server down the tree, but this only works if the top servers are secured with a well known public key.

    The issue is that the Federal bureau in charge of the root servers felt it had to go through the same bureaucratic process of getting consent, comments and so on and so forth that all federal regulations have to go through, by law. This takes a while, and a lot of people think they should have just done it.

    John Roth
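    As an added illustration of how a parent zone "vouches for" the next zone down in DNSSEC: the parent publishes a DS record that is a hash of the child's DNSKEY, and a validator accepts the child's key only if the hash and key tag match. This example is written for this page, not code from the post or from any DNS implementation; the DNSKEY bytes and the zone name are constructed placeholders, and the key-tag and DS computations follow RFC 4034 and RFC 4509.

```python
import hashlib

# Constructed DNSKEY RDATA for a hypothetical zone "example." (not real key
# material): flags 257 (KSK), protocol 3, algorithm 8 (RSASHA256), then a fake
# RSA public key (exponent length 3, exponent 65537, 8-byte placeholder modulus).
EXAMPLE_DNSKEY = bytes([1, 1, 3, 8]) + b"\x03\x01\x00\x01" + b"\xab" * 8

def wire_name(name):
    """Owner name in canonical wire form: lowercase, length-prefixed labels."""
    name = name.rstrip(".").lower()
    out = b""
    for label in (name.split(".") if name else []):
        lb = label.encode("ascii")
        out += bytes([len(lb)]) + lb
    return out + b"\x00"

def key_tag(rdata):
    """Key tag over the DNSKEY RDATA (RFC 4034, Appendix B)."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF

def make_ds(owner, rdata):
    """DS the parent publishes: (key tag, algorithm, digest type 2, SHA-256 hex)."""
    digest = hashlib.sha256(wire_name(owner) + rdata).hexdigest()
    return (key_tag(rdata), rdata[3], 2, digest)

def verify_ds(ds, owner, rdata):
    """True only if this DNSKEY is the one the parent's DS vouches for."""
    tag, alg, dtype, digest = ds
    if dtype != 2 or alg != rdata[3] or tag != key_tag(rdata):
        return False
    return hashlib.sha256(wire_name(owner) + rdata).hexdigest() == digest

if __name__ == "__main__":
    ds = make_ds("example.", EXAMPLE_DNSKEY)
    print("parent DS:", ds)
    print("genuine key validates:", verify_ds(ds, "example.", EXAMPLE_DNSKEY))
    # A key substituted in a poisoned DNSKEY answer fails the parent's DS check.
    forged = EXAMPLE_DNSKEY[:-8] + b"\xcd" * 8
    print("substituted key validates:", verify_ds(ds, "example.", forged))
```

    Without a trusted key for the top of the tree (the root), the first DS in the chain has nothing to validate it, which is the point the comment makes about a well known root public key.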

  9. Why only one CA? (And it's the feds?!) by Sloppy · Score: 5, Interesting

    I love beating this dead horse: OpenPGP is the one scheme that gets authentication right, and DNS is Yet Another great example where OpenPGP should be used instead of the obsolete X.509.

    Why would I trust the feds as an introducer? We already know that they do attempt MitMs sometimes, and there's already a history of DNS abuses ordered by presumably well-intentioned courts. But even if this organization had a good reputation, it's just plain dumb to put all your eggs in one basket. There should be provisions for multiple certifiers of an identity, so that users decide who is trustworthy and who isn't.

    If the feds are going to sign, I hope they use an OpenPGP signature (which apparently the spec allows!), but I somehow doubt they would want to lend any legitimacy to a scheme that actually lets people authenticate identities, instead of the one intended to create monopolies and single points of failure.

    I have no problem with the feds helping out on this, but we shouldn't completely trust them, and we have the technology so that we don't have to. PRZ gave it to us a couple decades ago.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.