At 17:15 31/08/2008, Patrick Vande Walle wrote:
Security is not only a bunch of smart shell scripts around openssl or dnssec-signzone. It is first and foremost how clearly identifiable you are in the real world and what credit you get from others. Users both large and small are less concerned with the company's technical ability than with its toll-free number for complaints and the office address where they can send their lawyer letters.
This is a first point. Second point should be that security should be simpler, cheaper and more robust. As often with the Internet, one adds an option to patch a missing part. Here, like in IDNs, the presentation layer is missing. Question: is there a way to simply (hence architecturally) build a secure Internet? I think there is one as a ONES (open network extension system, i.e. in using an OPES underlying system). But this needs to be really investigated and the WG-OPES was closed when we could have started discussing it. Not yet in the IETF thinking paradigm. But that could probably be implemented as an Internet Plus recipe?
Third and more important mid-term point. Secured relations are of the essence in the Inter Semantic network usage. More and more facilitation technologies will evolve towards networking as a replacement of writing or showing human utterances (certainly within less than 10 years). Semantic addressing is the simple way we say today "dnssec as I think it is" which will be translated to "dnssec.jefsey.com" that your computers can compare with dnssec.vande-walle.eu and dnssec.thur.de to try to propose us a consensual synthesis. Is that a dream? I am working on an IETF Draft on Semantic Addressing, so I am interested (similar but interactive and much more common than URI). The semiotical maieutics for our fellow servers to datamine/interview our brains is something separate that advances well in parallel. We have used it for years for simple issues (like psychological tests, school quiz, etc.).
This means that a security-oriented architectural shift of the Internet is necessary and therefore financially acceptable once properly documented (it does not always mean a technology shift, but a vision shift). Example. Before trusting any Private Key Institutions, we need to trust the concept and the network. Are Base64 keys secure enough? Is the Internet credible the way it is organised? As you say, we, people, tend to love what is clearly identifiable.
When we ask for a toll-free number, we want to know where the toll-free number operator is located in order to qualify the answers we get. We trust car plates and telephone numbers more than domain names because we know they are publicly displayed, related to something everyone knows (geography), in a way many will therefore perceive the possible conflicts (hence frauds or mistakes). There is a kind of built-in simple FEC (Forward Error Correction) in telephone numbers. If you want to call someone in the USA you know that "44" is not the correct header. You know your area code and you know if a number is local. These simple things the Internet misses have helped protect us so far.
However, I still stand by my original position that the domain name system is designed to translate strings of characters into IP addresses. This was the spirit of RFC882. It was designed to be a system where updates were not frequent. Caching and secondary name servers can provide an answer that may not be in sync with the primary. I do not really see how the DNS could handle the responsiveness needed for revocation of keys.
I agree with you about the "DNS". But DNS is just a DDDS application. DDDS (RFC 3401 > 3405) are "Dynamic Delegation Discovery Systems". They are "used to implement lazy binding of strings to data, in order to support dynamically configured delegation systems. The DDDS functions by mapping some unique string to data stored within a DDDS Database by iteratively applying string transformation rules until a terminal condition is reached." DDDS may have many applications (ontologies, multi-consensus building, documentation, classifications, e-mails, etc.) and should be worked on (also in ISO 11179 context of metadata registries).
DDDS and DNS I think we should reconsider the DNS as a DDDS application, after having seriously worked on DDDS. The interest is that the DNS being a DDDS, backward compatibility should be protected. Let us imagine an ISO 11179 conformant secure DDDS supporting a CVS. The problem with the DNS (IMHO) is that it's a kind of "proprietary" development (filled with specific short-cuts and lacking hooks and proven extensions) and not a standard application of a known architecture supported by a competitive market.
DNS has shown that the concept can be used in many areas. The concept. I fully agree: not the current implementation. However, if you consider DDDS, you see that the way IETF has defined them so far is a good start. Yet, they cannot depend on external parameters (like for example weather, load, warning level, costs, etc.) and must be closed "black boxes". That is too bad, because if you consider DDDS carefully you will be surprised how it can be close to most of the complex/intelligent thinking, utterance, and biology schemata.
Have a good WE.
jfc
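
Added example, not part of the original message: a small Python model of the DDDS loop quoted above from RFC 3401 (a key selects ordered rewrite rules, the first matching rule is applied to the unique string, and the result is either terminal data or the next key). The rule database, the first-rule function, every `.example` name and the hop limit with loop check are constructed assumptions for illustration.

```python
import re

# Constructed rule database: key -> [(order, regexp, replacement, terminal)].
RULES = {
    "example.": [
        (10, r"^dnssec\.(.+)$", r"views.\1.", False),
        (20, r"^.*$", "fallback.example.", False),
    ],
    "views.jefsey.example.": [
        (10, r"^(.+)$", r"https://docs.example/\1", True),
    ],
}

class DDDSError(Exception):
    """Raised when resolution cannot reach a terminal rule safely."""

def first_well_known_rule(aus):
    # Hypothetical first rule: the initial key is the last label of the string.
    return aus.rstrip(".").rsplit(".", 1)[-1] + "."

def resolve(aus, db=RULES, max_hops=8):
    """Map an application unique string (aus) to terminal data."""
    key = first_well_known_rule(aus)
    seen = set()
    for _ in range(max_hops):
        # Defensive checks (assumed policy): a rule set that delegates back
        # to an earlier key must not keep the client spinning.
        if key in seen:
            raise DDDSError("delegation loop at key " + key)
        seen.add(key)
        rules = db.get(key)
        if not rules:
            raise DDDSError("no rules for key " + key)
        # Rules are tried in priority order; each regexp is applied to the
        # original unique string, not to the previous rule's output.
        for _order, pattern, replacement, terminal in sorted(rules):
            match = re.match(pattern, aus)
            if match:
                result = match.expand(replacement)
                break
        else:
            raise DDDSError("no rule matched under key " + key)
        if terminal:
            return result
        key = result  # non-terminal: the output is the next lookup key
    raise DDDSError("hop limit reached without a terminal rule")

if __name__ == "__main__":
    print(resolve("dnssec.jefsey.example"))
```
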