Vanishing Point - Resilient DNSSEC Key Repository

807 views

Published on

Security analysis of DNS: provides an overview of DNSSEC architecture and limitations, and highlights some of its problems: lack of resilience, multiple-root scenario, lack of isolation, legacy and Trust Anchor Management. DNSSEC Lookaside Validation (DLV) addresses most of these problems but not only it fails in providing resilience but also it devotes the root of trust of a zone into a unique trusted entity.
We propose Vanishing Point for solving the highlighted problems of DNSSEC. Vanishing Point is a resilient DNSSEC Key Repository Service that allows lookaside validation without relying solely on a PKI infrastructure.

Paper: http://dev.sig9.net/files/ResearchProject.pdf

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
807
On SlideShare
0
From Embeds
0
Number of Embeds
14
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Vanishing Point - Resilient DNSSEC Key Repository

  1. 1. DNSSEC-aware Cache Resolver { message }
  2. 2. DNSSEC-aware Cache Resolver example.net { message } K2 another.net { message } K3

×