On Mar 22, 2022, at 10:06, Masataka Ohta <mo...@necom830.hpcl.titech.ac.jp> wrote:
> Bjorn Mork wrote:
>
>>> Plain DNS with long enough message ID is secure enough.
>>
>> Hello!
>> Can you please point me to the set of RFCs (or draft) which describes
>> this "secure enough" alternative to DNSSEC?
>
> As I wrote "rely on DNS cookie or something like that",
> an example is in rfc7873.

Could I perhaps summarise what you're saying as follows?

1. The cost of DNSSEC signing is high, e.g. due to increased complexity, brittleness of the DNS, perhaps as shown by relatively low demonstrated system-wide deployment;

2. The threats that DNSSEC protects against are not high-probability threats, especially following the adoption of various resolver-hardening techniques adopted following the late Dan Kaminsky's various observations;

3. The threats that DNSSEC protects against are not high-impact either since they affect one layer amongst many for most applications;

4. Protocols and applications that depend on cryptographic assurances in the DNS (DNS as PKI) are few and far between, e.g. low uptake of DANE for protocols other than SMTP;

5. The cryptographic assurances in DNSSEC in any case are not absolute, e.g. since they depend on accurate trust anchor maintenance that is subject to interference by nation states, mobile device management, manipulation through system compromise;

6. Better to avoid the cost of DNSSEC deployment given its low value and focus instead on other approaches like cache-hardening or improving transactional integrity using cookies.

Does that come close to what you're getting at?

Joe