Lutz Donnerhacke wrote:
On Sat, Aug 30, 2008 at 03:25:16PM +0200, Patrick Vande Walle wrote:
I am not sure I understand your point. PKI require a "trusted third party". This is necessary when both parties do not know each other, which is the case in DNS name resolution. PK architectures are hierarchical by design.
PKIs are not necessary hierarchical: - OpenPGP uses a network of trust. - The classical X.509 PKIs consists of a forest of very flat trees.
I have been using PGP ever since the Fidonet days. Over those 25 years, it never really spread outside the geek/hobbyist/hacker world, because it relies on both parties knowing each other before being able to accept the signatures. This may work in small communities, but it does not scale, for lack of a trusted third party. Agree that X.509 PKIs are mostly flat *BUT* they are run by well identifiable and reputable companies. I think this is my main point. Security is not only a bunch of smart shell scripts around openssl or dnssec-signzone. It is first and foremost how clearly identifiable you are in the real world and what credit you get from others. Users both large and small are less concerned with the company's technical ability than by its toll-free number for complaints and the office address where they can send their lawyer letters.
If you retink your needs for HTTPS/SSL/SSH/... you will notice, that the common user base is not interested in makeing large scale eCommerce, but secure their communication. DNSSEC does the job and is extensible to email, SSH, VPN, ...
My needs as a normal user is that the banking web site I am accessing is clearly identified and guaranteed to be genuine by a reputable third party. My needs as a service provider is to be clearly identified and not to generate warnings in the customer's browser because of an unrecognized CA. If it happens, I will lose a customer. I agree there could be some situations where encryption is desireable but does not need to rely on expensive, unambiguously identifiable and detailed certificates. Those needs are already pretty well covered with PGP, community based PKIs, self-signed certificates, etc. Those who need them know how to use these services and tools. However, I still stand by my original position that domain name system is designed to translate strings of characters into IP addresses. This was the spirit of RFC882. It was designed to be a system where updates were not frequent. Caching and secondary name servers can provide an answer that may not be in sync with the primary. I do not really see how the DNS could handle the reponsiveness needed for revokation of keys. Best regards, -- Patrick Vande Walle Check my blog: http://patrick.vande-walle.eu