[144509] in North American Network Operators' Group
Re: Microsoft deems all DigiNotar certificates untrustworthy, releases
daemon@ATHENA.MIT.EDU (Tony Finch)
Mon Sep 12 17:52:34 2011
Date: Mon, 12 Sep 2011 22:51:04 +0100
From: Tony Finch <dot@dotat.at>
To: fredrik danerklint <fredan-nanog@fredan.se>
In-Reply-To: <201109122242.35932.fredan-nanog@fredan.se>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
fredrik danerklint <fredan-nanog@fredan.se> wrote:
>
> and how about a end user, who doesn't understand a computer at all, to
> be able verify the signatures, correctly?
The current trust model for DNSSEC relies on the vendor of the validator
to bootstrap trust in the root key. This is partly a matter of pragmatism
since the validator is a black-box agent acting on the user's behalf, like
any other software.
It is also required by the root key management policies, since a root key
rollover takes a small number of weeks, much shorter than the
not-in-service shelf life of validating software and hardware. This means
that a validator cannot simply use the root key as a trust anchor and
expect to work: it needs some extra infrastructure supported by the vendor
to authenticate the root key if there happens to have been a rollover
between finalizing the software and deploying it.
Tony.
--
f.anthony.n.finch <dot@dotat.at> http://dotat.at/
Biscay, FitzRoy: Southwesterly 4 or 5, veering northerly or northwesterly 5 or
6, occasionally 7 later in southeast Fitzroy. Rough or very rough. Rain or
showers. Good, occasionally poor.
