Why are we still using the CA model? (Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates)

Ted Cooper ml-nanog090304q at elcsplace.com
Mon Sep 12 15:30:37 UTC 2011


On 13/09/11 01:12, Randy Bush wrote:
>>> as eliot pointed out, to defeat dane as currently written, you would
>>> have to compromise dnssec at the same time as you compromised the CA at
>>> the same time as you ran the mitm.  i.e. it _adds_ dnssec assurance to
>>> CA trust.
>> Yes, I saw that. It also drives up complexity too and makes you wonder
>> what the added value of those cert vendors is for the money you're
>> forking over.  Especially when you consider the criticality of dns
>> naming for everything except web site host names using tls. And how
>> long would it be before browsers allowed
>> self-signed-but-ok'ed-using-dnssec-protected-cert-hashes?
> 
> agree

I would have thought that was a perfectly acceptable end point.

The multiple CAs go away (oops), replaced with everyone being able to
publish and authenticate their own certificates. The DNS has to be
compromised to publish certificates, but if they've managed to do that,
it doesn't matter what certificate you had in the first place.

There are already public keys in the DNS for DKIM, which work quite well.

It lowers the cost for getting an SSL cert for your domain, but
certainly not the security. Getting a cert for a domain is laughable
these days. It's either too easy, or stupendously hard and ridiculous.
EV certs are a joke as demonstrated by the thousands of people still
getting phished since end users don't look at the address bar anyway.

So long as it's encrypted and in some way secured against the domain,
it's good enough, isn't it?




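What the "self-signed but OK'd via DNSSEC-protected cert hashes" end point discussed in this thread looks like in code. This is an added example, not code from the original post or from any DANE implementation: it builds a TLSA record (RFC 6698 RDATA: usage, selector, matching type, association data) for a self-signed certificate the way a domain owner would publish it, and then performs the client-side DANE-EE (usage 3) check against a presented certificate. The certificate, the name example.com and the _443._tcp owner name are constructed for illustration; the example assumes the TLSA RRset handed to VerifyDANEEE came through a DNSSEC-validating resolver, which is the assurance the thread is relying on, and it deliberately leaves out usages 0-2, which additionally need PKIX chain building.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// TLSA holds the RDATA of a DANE TLSA record (RFC 6698).
type TLSA struct {
	Usage        uint8
	Selector     uint8
	MatchingType uint8
	Data         []byte // "certificate association data"
}

// Field values from RFC 6698 used in this example.
const (
	UsageDANEEE  uint8 = 3 // domain-issued end-entity cert, no CA involved
	SelectorCert uint8 = 0 // full DER certificate
	SelectorSPKI uint8 = 1 // DER SubjectPublicKeyInfo only
	MatchFull    uint8 = 0 // exact bytes
	MatchSHA256  uint8 = 1
	MatchSHA512  uint8 = 2
)

// associationData derives the association data field from a certificate
// for the given selector and matching type.
func associationData(cert *x509.Certificate, selector, mt uint8) ([]byte, error) {
	var data []byte
	switch selector {
	case SelectorCert:
		data = cert.Raw
	case SelectorSPKI:
		data = cert.RawSubjectPublicKeyInfo
	default:
		return nil, fmt.Errorf("unsupported selector %d", selector)
	}
	switch mt {
	case MatchFull:
		return data, nil
	case MatchSHA256:
		h := sha256.Sum256(data)
		return h[:], nil
	case MatchSHA512:
		h := sha512.Sum512(data)
		return h[:], nil
	}
	return nil, fmt.Errorf("unsupported matching type %d", mt)
}

// NewTLSA builds the record a domain owner publishes for its own certificate.
func NewTLSA(cert *x509.Certificate, usage, selector, mt uint8) (TLSA, error) {
	data, err := associationData(cert, selector, mt)
	if err != nil {
		return TLSA{}, err
	}
	return TLSA{Usage: usage, Selector: selector, MatchingType: mt, Data: data}, nil
}

// Matches reports whether a presented certificate matches this record.
func (t TLSA) Matches(cert *x509.Certificate) bool {
	data, err := associationData(cert, t.Selector, t.MatchingType)
	return err == nil && bytes.Equal(data, t.Data)
}

// VerifyDANEEE is the client-side check for usage 3: the presented leaf
// certificate must match at least one DANE-EE record. Records of other
// usages are ignored here (they need PKIX chain building as well). Only pass
// an RRset that a DNSSEC-validating resolver accepted; without DNSSEC the
// record is as spoofable as the certificate it is meant to vouch for.
func VerifyDANEEE(cert *x509.Certificate, rrset []TLSA) bool {
	for _, rr := range rrset {
		if rr.Usage == UsageDANEEE && rr.Matches(cert) {
			return true
		}
	}
	return false
}

// selfSigned makes a throwaway self-signed certificate (constructed for this
// example; no CA involved, which is exactly the case the post argues for).
func selfSigned(name string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	// Domain owner: publish a "3 1 1" record (DANE-EE, SPKI, SHA-256) for
	// the self-signed cert. Names and owner label are constructed examples.
	cert, err := selfSigned("example.com")
	if err != nil {
		panic(err)
	}
	rr, _ := NewTLSA(cert, UsageDANEEE, SelectorSPKI, MatchSHA256)
	fmt.Printf("_443._tcp.example.com. IN TLSA %d %d %d %s\n",
		rr.Usage, rr.Selector, rr.MatchingType, hex.EncodeToString(rr.Data))
	// Client: the published cert passes; a different self-signed cert for the
	// same name (what a MITM would present) does not.
	other, _ := selfSigned("example.com")
	fmt.Println("own cert matches:   ", VerifyDANEEE(cert, []TLSA{rr}))
	fmt.Println("other cert matches: ", VerifyDANEEE(other, []TLSA{rr}))
}
```

Publishing the SPKI hash (selector 1) rather than the whole certificate (selector 0) lets the owner reissue the certificate without touching DNS as long as the key stays the same; the record only has to change when the key is rotated, which is the one event the DNS update should be tied to.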