Re: [DNSOP] DNSSEC threshold signatures idea

2018-09-07 Thread Warren Kumari
On Thu, Sep 6, 2018 at 2:15 PM Steve Crocker wrote: > I've been thinking about a version of this problem for several years. > Attached are a short paper and presentation on the topic of a tamperproof > root zone update system. The ideas are also applicable to other levels in > the DNS tree. > >

Re: [DNSOP] DNSSEC threshold signatures idea

2018-09-07 Thread william manning
Great stuff Steve. John Gilmore and I talked about the use of byzantine quorum systems for key management at ISOC in 1998. And Olaf Kolkman, Johan Ihren and I proposed such a system in 2005 as an alternative to what became RFC 5011. I built a DNS system that used these ideas for DNS key managemen

[DNSOP] 答复: DNSSEC threshold signatures idea

2018-09-07 Thread 宋林健
I also ask the same question and look for solutions. I do find a statement from a paper (The Honey Badger of BFT Protocols@ CCS 2016) that " if an trusted party is unavailable, then a distributed key generation protocol could be used instead (c.f., Boldyreva [11])." [11] A. Boldyreva. Threshold