On 6/19/23 8:08 PM, Masataka Ohta wrote:
Matt Corallo wrote:
This is totally unrelated to the question at hand. There wasn't a question about whether a user relying on trusted authorities can maybe be whacked by said trusted authorities (though there's been a ton of work in this space, most notably requiring CT these days),
So, let's recognize ISPs as trusted authorities and we are reasonably safe without excessive cost to support DNSSEC with all the untrustworthy hypes of HSMs and four-eyes principle.
I think this list probably has a few things to say about "ISPs as trusted authorities" - is everyone on this list already announcing and enforcing an exact ASPA policy (or BGPSec or so) and ensuring the full path for each packet they send is secure and robust to ensure it gets to its proper destination? Somehow I don't think this model is workable, but what do I know, I was just responding to someone on this list who mentioned it was dumb to rely on IP destination as being secure :) Matt