Re: Use of DNS to distribute keys

% 1) If you want to attach a public key to a domain name, you will have to prove
% the authority of the certifier on the domain. The classic counterexample is
% when you receive a certificate signed by "Al Capone, General trades, Chicago,
% US" for the domain "lcs.mit.edu". What is needed is what I called "the glue".
% There sure are solutions, but you will have to spell them out.

This is the general trust issue associated with the signing authority
and is not substantially different from the PEM case.  What you are
calling the "glue" I had taken as implicit and I suspect that we can
reuse some of the good work done by the PEM folks.

% 2) The host identifier is not necessarily the "correct" thing to use, even for
% a firewall. I may want to grant access to our local network to "Christian
% Huitema, INRIA, FR", regardless of where his powerbook happens to be plugged.
% It would thus be better to assume that a "classic" certificate is used for
% establishing the IPSEC level "association context" and the associated key
% exchanges; using a domain name instead of a distinguished name should just be
% a special case.

I have carefully never talked about access control or any other policy.
Nor have I mentioned firewalls.  I don't think this is the right forum
to get deeply into matters of policy, but my experience is that there are
many different policies in the world.  I think that different sites
and organisations have different threats, concerns, and objectives and
so I don't think we will ever converge on a single policy as being
appropriate for all sites.

My goal is to be able to protect data at lower layers (e.g. IP) during
transit between IP-capable hosts, where "protect" means some combination 
of integrity, authentication, and/or confidentiality. 
 
To achieve that goal, I seek to be able to establish shared secrets (keys) 
between communicating hosts.  Having key certificates available for each 
host that I wish to communicate with/from makes this task easier. For my goal, 
I believe a domain name is probably the right object.  For other goals, 
other objects might be more appropriate.  I have tried to talk in terms
of a mechanism to facilitate establishment of host-level session keys.

% Regarding ASN.1 encodings, etc: once you start dealing with 1024 bits wide
% exponentiations, T-L-V tagging is pretty much in the noise, so not really
% worth discussing...

I don't think I had raised issues of syntax or encoding, but I don't see
any particularly good reason that a host key certificate should use radically
different mechanisms than PEM certificates use.  I believe there is some 
potential benefit from reusing technology that is believed to work 
reasonably well.

Ran
atkinson@itd.nrl.navy.mil