[95710] in North American Network Operators' Group
Re: America takes over DNS
daemon@ATHENA.MIT.EDU (bmanning@karoshi.com)
Mon Apr 2 14:24:56 2007
Date: Mon, 2 Apr 2007 18:18:45 +0000
From: bmanning@karoshi.com
To: David Conrad <drc@virtualized.org>
Cc: "<michael.dillon@bt.com>" <michael.dillon@bt.com>,
nanog@merit.edu
In-Reply-To: <AE2D04CB-0272-4614-B2A7-B71DE80EBF07@virtualized.org>
Errors-To: owner-nanog@merit.edu
On Mon, Apr 02, 2007 at 07:45:08AM -0700, David Conrad wrote:
>
> Hi,
>
> >Wouldn't the holder of these keys be the only ones able to spoof
> >DNSSEC?
>
> Yes. This is an assumption of DNSSEC, regardless of who signs the
> root. The implication of this (and the fact that emergency key
> rollover requires everyone on the planet with a validating resolver
> to update the root trust key manually) is that protecting the root
> key signing key is a bit important.
>
> Rgds,
> -drc
one important attribute of key roll would seem to be
the lack of a "flag-day". ... there are at least a
couple of proposals that mitigate that particular risk.
--bill
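The two points in this exchange (only the holder of the trusted key can produce a signature a validating resolver accepts, and an abrupt key replacement forces every resolver operator to update the trust anchor by hand) can be shown with a small simulation. The following is an added example, not code from the thread or from any DNSSEC implementation: Lamport one-time signatures (hash-based, standard library only) stand in for the RSA or ECDSA keys real DNSSEC uses, and the resolver's automatic anchor update is a loose, timer-free sketch of the RFC 5011 approach, which is an assumption about the kind of "proposal" bill has in mind. Key names, tags and the three scenarios are constructed for the example.

```python
# Toy model of root trust anchors and a KSK rollover with and without a flag day.
# Added example, not from the thread: Lamport one-time signatures (hash-based,
# stdlib only) stand in for real DNSSEC keys; the automatic anchor update is a
# loose, timer-free sketch of RFC 5011 (assumed, not stated in the thread).
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def bit(digest: bytes, i: int) -> int:
    """i-th bit (MSB first) of a digest."""
    return (digest[i // 8] >> (7 - i % 8)) & 1

class Key:
    """Lamport key pair: 256 pairs of secrets, public half = their hashes.
    The tag plays the role of the DNSKEY key tag."""
    def __init__(self, name: str):
        self.name = name
        self.priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
        self.pub = tuple((H(a), H(b)) for a, b in self.priv)
        self.tag = H(b"".join(a + b for a, b in self.pub))[:4].hex()

    def sign(self, msg: bytes):
        # Lamport keys are one-time; the toy reuses them across rollover steps,
        # which would be unsafe against a real attacker.
        d = H(msg)
        return (self.tag, [self.priv[i][bit(d, i)] for i in range(256)])

def verify(pub, msg: bytes, sig) -> bool:
    """Needs only the public half: each revealed secret must hash to the
    public value selected by the matching message bit."""
    d = H(msg)
    return len(sig) == 256 and all(H(s) == pub[i][bit(d, i)] for i, s in enumerate(sig))

def serialize(rrset: dict) -> bytes:
    """Deterministic wire form of a DNSKEY RRset (sorted tag, pubkey pairs)."""
    return b"".join(t.encode() + b"".join(a + b for a, b in p) for t, p in sorted(rrset.items()))

class RootZone:
    """The signer: holds private KSKs, publishes the DNSKEY RRset plus RRSIGs."""
    def __init__(self, *ksks: Key):
        self.ksks = list(ksks)

    def publish(self):
        rrset = {k.tag: k.pub for k in self.ksks}
        msg = serialize(rrset)
        return rrset, [k.sign(msg) for k in self.ksks]

class Resolver:
    """Validating resolver: holds public trust anchors only, keyed by tag."""
    def __init__(self, anchor: Key):
        self.anchors = {anchor.tag: anchor.pub}

    def validate(self, rrset, rrsigs) -> bool:
        msg = serialize(rrset)
        return any(t in self.anchors and verify(self.anchors[t], msg, s) for t, s in rrsigs)

    def refresh(self, rrset, rrsigs) -> bool:
        """RFC 5011-style update (toy): an RRset signed by an already trusted key
        may introduce new anchors and retire keys no longer published."""
        if not self.validate(rrset, rrsigs):
            return False
        self.anchors = dict(rrset)
        return True

def scheduled_rollover():
    """No flag day: pre-publish the new KSK under the old key's signature,
    let resolvers learn it, then retire the old key."""
    old, new = Key("ksk-2007"), Key("ksk-next")
    resolver, zone = Resolver(old), RootZone(old, new)
    step1 = resolver.refresh(*zone.publish())   # RRset carries both keys, signed by both
    zone.ksks = [new]
    step2 = resolver.validate(*zone.publish())  # old key gone, signed by new only
    return [step1, step2]

def flag_day():
    """Abrupt swap (the emergency case): validation fails until every
    operator installs the new anchor by hand."""
    old, new = Key("ksk-2007"), Key("ksk-emergency")
    resolver, zone = Resolver(old), RootZone(new)
    before = resolver.validate(*zone.publish())
    resolver.anchors = {new.tag: new.pub}       # manual trust-anchor update
    after = resolver.validate(*zone.publish())
    return (before, after)

def spoof_attempt():
    """Only the holder of a trusted private key can produce an accepted RRSIG."""
    real, forged = Key("ksk-2007"), Key("not-the-root")
    return Resolver(real).validate(*RootZone(forged).publish())

if __name__ == "__main__":
    print("scheduled:", scheduled_rollover(), "flag day:", flag_day(), "spoof:", spoof_attempt())
```

The resolver never holds a private key, so `spoof_attempt()` fails regardless of what the forger publishes; `scheduled_rollover()` stays valid at every step because the new key is introduced under a signature the resolver already trusts; `flag_day()` shows the emergency case, where nothing the zone publishes can be validated until the anchor is replaced out of band. Real RFC 5011 adds hold-down timers, a revoke bit and the SEP flag, none of which the toy models.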