nanog mailing list archives
Re: Security team successfully cracks SSL using 200 PS3's and MD5
From: Mark Andrews <Mark_Andrews () isc org>
Date: Tue, 06 Jan 2009 17:10:47 +1100
In message <4962E096.7070409 () karnaugh za net>, Colin Alston writes:
On 2009/01/05 10:47 PM Randy Bush wrote:perhaps i am a bit slow. but could someone explain to me how trust in dns data transfers to trust in an http partner and other uses to which ssl is put?I must also be slow. Can someone tell me how DNSSEC is supposed to encrypt my TCP/IP traffic?
DNSSEC allows you to go from dns name -> CERT in a secure manner. The application then checks that the cert used to establish the ssl session is one from the CERT RRset. Basically when you pay your $70 or whatever for the CERT record you are asking the CA to assert that you have the right to use the domain name. It's expensive because they are not part of existing DNS trust relationship setup when the domain was delegated in the first place. The natural place to look for DNS trust is in the DNS. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews () isc org
Current thread:
- Re: Security team successfully cracks SSL using 200 PS3's and MD5, (continued)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Abley (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Randy Bush (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Abley (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Randy Bush (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Valdis . Kletnieks (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Joe Greco (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Jason Uhlenkott (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Matthew Kaufman (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Michael Sinatra (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Colin Alston (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Mark Andrews (Jan 05)
- DNSSEC vs. X509 (Re: Security team successfully cracks SSL...) Paul Vixie (Jan 05)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Mark Andrews (Jan 05)
- RE: Security team successfully cracks SSL using 200 PS3's and MD5 Stasiniewicz, Adam (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Robert Mathews (OSIA) (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dragos Ruiu (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Gadi Evron (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dragos Ruiu (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Christopher Morrow (Jan 02)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 William Warren (Jan 03)
- Re: Security team successfully cracks SSL using 200 PS3's and MD5 Dorn Hetzel (Jan 03)