
Re: Use of DNS to distribute keys




Keeping certificates in a "lightweight, deployable now, architecture
unburdened" parallel name service (to DNS) is a nice idea.  So good,
in fact, that it's been thought of, implemented, and distributed as
freeware already by, in fact, us, as "SPX".  Also, SPX uses
essentially the same certificate format (modulo some recent signature 
details), as PEM.  See the "DAS" internet drafts Charlie Kaufman 
authored a while back for certificate and policy models.

SPX was based not on DNS but on the Kerberos/Athena model. The 
certificate server was really more like an "untrusted KDC" thing than
a directory service.

But, really, for on-line key distribution, by the very nature of the 
communication, you don't need a name service at all except to find the
other guy's network address.  Once you have it, just contact a well-
known port at the destination and ask for their certificate - even 
finger would do the trick, as has been suggested before as well.  For 
"DAS-like" policies, you can ask for particular chains of certificates 
down from those PCAs you trust, for example.  If you can't get to their
key server application, you can't get to them anyway, so there's no
worry about disclosure.

The Achilles heel is getting the certificates into the end systems, keeping
them refreshed, and making sure they haven't been revoked.  You would
have this problem in all cases - you need to get the secret thingie into
the target system so you know to whom you are talking.  This requires
some sort of authority infrastructure, mutually acceptable to policies of
the particular communicants in question, and there you are, on the slippery
slope, so to speak.

Of course, you could just go with Diffie-Hellman for traffic key exchange
and skip the system-to-system level authentication altogether, just use
passwords for user account level access and be done with it.  And, this
is REALLY usable right now.  Furthermore, any protocols that really need
authentication, such as mobile-IP, will probably carry their own security
exchange fields anyway, or at least will know to design them in.

/Joe
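
[Added example, not part of the original message and not SPX code.] A sketch of the check the message implies: the peer hands over its own certificate chain, and the receiver verifies it down from a PCA key it already holds and consults a revocation list. The names (Cert, issue, validate_chain), the certificate fields and the textbook RSA over fixed primes are assumptions made for illustration, and the toy signature is a stand-in for a real scheme.

```python
import hashlib
from dataclasses import dataclass

def make_key(p, q, e=65537):
    """Textbook RSA from two fixed primes: illustration only, not secure."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    return pow(_digest(data, priv[0]), priv[1], priv[0])

def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == _digest(data, pub[0])

@dataclass
class Cert:  # hypothetical minimal certificate, not the PEM or SPX format
    subject: str
    issuer: str
    pubkey: tuple
    serial: int
    sig: int = 0

    def tbs(self):  # the bytes the issuer signs
        return f"{self.subject}|{self.issuer}|{self.pubkey}|{self.serial}".encode()

def issue(issuer, issuer_priv, subject, subject_pub, serial):
    cert = Cert(subject, issuer, subject_pub, serial)
    cert.sig = sign(issuer_priv, cert.tbs())
    return cert

def validate_chain(chain, trusted_pcas, revoked):
    """Walk from the PCA-issued certificate down to the peer; return (name, key)."""
    if not chain or chain[0].issuer not in trusted_pcas:
        raise ValueError("chain is empty or does not start at a trusted PCA")
    name, key = chain[0].issuer, trusted_pcas[chain[0].issuer]
    for cert in chain:
        if cert.issuer != name or not verify(key, cert.tbs(), cert.sig):
            raise ValueError(f"bad issuer or signature on {cert.subject}")
        if (cert.issuer, cert.serial) in revoked:
            raise ValueError(f"certificate for {cert.subject} is revoked")
        name, key = cert.subject, cert.pubkey  # this subject vouches for the next
    return name, key

# Constructed sample data: a PCA, an organisational CA and the peer host.
(PCA_PUB, PCA_PRIV), (CA_PUB, CA_PRIV) = make_key(2**61 - 1, 2**89 - 1), make_key(2**107 - 1, 2**127 - 1)
HOST_PUB, _ = make_key(2**521 - 1, 2**607 - 1)
CHAIN = [issue("PCA", PCA_PRIV, "CA", CA_PUB, 1), issue("CA", CA_PRIV, "host", HOST_PUB, 7)]
```

The caller still has to compare the returned name with the party it meant to reach, and the revoked set is only as fresh as whatever keeps it updated.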



