John R Levine <[email protected]> wrote: >> Same answer to both questions: Yes, of course there has to be an >> administrative override, but it too has to be protected. A key ceremony is >> the accepted method. A sufficient set of people from a sufficient set of >> places. Needed to initiate key assignment, revoke, restore, etc.
> I just don't see any plausible way to come up with a reset process that
can't
> be subverted by guys with guns.
Might be a feature, if it takes an armed revolution :-)
Years (decades) ago, I suggest the root should not be signed.
Rather, every ccTLD should cross-sign the other ccTLDs, akin to how countries
recognize each other. (This was before the explosion on new TLDs)
This has a few features:
* I (a Canadian) am told to trust .ca. I am then indemnified for doing so.
(* You Americans would have to, you know, actually use .us...)
* It removes a perception that the USSA controls the DNS.
* If my country doesn't want me to do business with country FOO (they are
sanctioned, et.), then we don't break DNSSEC to block them, we use DNSSEC
to replace them. It's not universal.
* If there is a civil war/etc. in country FOO, and my country picks side X,
then I am pointed to side X.
* When there is civil war, both sides will want to capture the DNS people,
just like they used to do radio stations, TV stations, etc... Well. This
might not be a *feature*, but at least our paranoia would be justified :-)
Is this an option today? No.
> If you remember back to the Sitefinder fiasco, there were patches to turn
the
> wildcard result back into NXDOMAIN which I used but I don't think a lot of
> other people did.
<fingers-in-ears-I-choose-to-forget-sitefinder>
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
