[dnssec-deployment] DNSSEC in Russia

Edward Lewis Ed.Lewis at neustar.biz
Thu Apr 2 18:49:58 EDT 2009


At 14:30 -0700 4/2/09, Paul Hoffman wrote:
>I wrote earlier:
>>Who decides?
>
>The cryptographic community. In the IETF, such questions often go to the
>IRTF but the final decision remains in the IETF process.

I think therein lies a major disagreement.
On the one hand we have the IETF, a group focused on technology, with 
a leadership that is selected via a closed mechanism (nomcom), yadda, 
yadda, yadda.  On the other hand we have governments which have a 
much broader scope of concern and expertise and in some cases, a much 
more open means of selecting the decision makers, and so on.

(I served on the IETF nomcom once.  Closed - we weren't even allowed 
to divulge the names of the real candidates.)

Perhaps that's a grandstanding statement - okay, yes it is.

The global public internet is not a toy for the engineers' benefit. 
When it comes to the parameters within which we have to work - the 
sources are many.  Let's not fool ourselves that this is a technocracy.

This is why I am trying to go out of my way to make sure the 
technology can be bent to accommodate a requirement laid upon us, no 
matter what the source, so long as compliance is desirable.  Do we 
want Russia to be able to use DNSSEC?  I think so.

I don't question requirements.  I'm willing to show how they are best 
met, and let the owner of the requirement decide whether to continue.

>>I can't get a straight answer from a cryptographer about what's a suitable
>>key length in RSA, much less an answer about the soundness of an algorithm.
>
>I doubt the first part; please show which cryptographers gave different
>opinions on a suitable key length for RSA when presented with the right
>inputs (key lifetime and value). The second is an inherent problem with
>security: attacks always get better, and usually at unexpected times.

Perhaps when I said "I can't get a straight answer" it wasn't clear 
that I was talking about my experience in this manner.  Whenever I 
tried to pin someone down to a recommendation, the conversation 
turned evasive.  Always has, even with a "friend" cryptographer.  As 
I said at the mic at DNSOP last week - "I've never seen anyone 
willing to admit they are a cryptographer on tape."  What I love 
about the whole field is that experts are so unwilling to ever give 
definitive answers - lawyers are less evasive.  Sorry lawyers.

>>I don't agree that the presence of an algorithm in a zone lowers the security
>>of a zone relative to the other algorithms in it.
>
>So you're fine with IANA signing the root zone with an RSA key of length 64,
>along with the other keys it signs with? Others may disagree with this.

I should add, I never assumed IANA would be signing with GOST (nor 
even at all); perhaps the signatures for the root zone are applied by 
different entities holding the respective private keys.

But I don't suspect that is what you meant.  The goal is to meet 
requirements, although requirements are subject to negotiation.  Some 
more so than others, and to varying degrees.
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis
NeuStar                    You can leave a voice message at +1-571-434-5468

Getting everything you want is easy if you don't want much.
