IETF Logo Mail Archive

Re: [dane] Behavior in the face of no answer?

Eric Rescorla <ekr@rtfm.com> Tue, 15 May 2012 02:31 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E545F21F894F for <dane@ietfa.amsl.com>; Mon, 14 May 2012 19:31:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.873
X-Spam-Level:
X-Spam-Status: No, score=-102.873 tagged_above=-999 required=5 tests=[AWL=0.104, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tzFgA6UVntXo for <dane@ietfa.amsl.com>; Mon, 14 May 2012 19:31:45 -0700 (PDT)
Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id 4C7F121F894A for <dane@ietf.org>; Mon, 14 May 2012 19:31:45 -0700 (PDT)
Received: by vbbez10 with SMTP id ez10so6781381vbb.31 for <dane@ietf.org>; Mon, 14 May 2012 19:31:44 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding :x-gm-message-state; bh=Um4XcMG11qoQO4EjDoFtNHBenY+EBPhY4jQmHjstSig=; b=HRc54avyGKQ3l7oKNm1lN8wrLEomH1JamN3jfYPNauu3ypDEvG22v6tr/kNTuLZjh9 Y4z6CEY3SUTJ4oIkFqbxCT+s4mqNrK7xYR3CN/3csFMRb3LXUmACk3YKIG9j97p+CkeU MKjsSb1M8FxV6Z2/JUviUCChJwPAM5xSEwYn0esBwgRMAk+dw7/XBhaD0SgCQSmG2vMx kG0Y++IWUVkeNmPNACklHECKGpyw/t8py4b7K+NJckNJwGrB7sRQ8PMOGb6iY8beVy6b UpNUQcHfXziL3gBwl/O+fraQ9zIaAvS61WJwXQjE99XDQMSwNHESCMubC+ZzyyPakVyF C0bA==
Received: by 10.52.172.194 with SMTP id be2mr312903vdc.60.1337049104132; Mon, 14 May 2012 19:31:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.35.209 with HTTP; Mon, 14 May 2012 19:31:03 -0700 (PDT)
X-Originating-IP: [74.95.2.173]
In-Reply-To: <643D87CD-D01E-47B8-82E5-D3F57D50C80B@vpnc.org>
References: <CABcZeBMY26xrfvAx=UsYN2XnuONZ2vPy9tNwHQALudd=yQDvgA@mail.gmail.com> <643D87CD-D01E-47B8-82E5-D3F57D50C80B@vpnc.org>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 14 May 2012 19:31:03 -0700
Message-ID: <CABcZeBPCYNV=i5rsNt_QDDE2hY+8Tw4izovAVEFjYc=ESJst+Q@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmOJS3P2sxUvae6ffQtlM7JFsfDFRFaDwXg/d3TIhTg6p11+fRISOWJ3R0vvH6R9fK2VR05
Cc: dane@ietf.org
Subject: Re: [dane] Behavior in the face of no answer?
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 May 2012 02:31:46 -0000

On Mon, May 14, 2012 at 7:12 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote:
> There doesn't seem to be convergence here, and the WG chairs and AD have asked the authors to propose wording that might bring consensus. The following text may be insufficient, but it's the best I can do at the moment, and if it isn't good enough, having you propose specific changes may be helpful.
>
> This proposed text tries to pull together:
>
> - Ekr's security analysis
>
> - The desire for a MUST that is likely to be deployed, not ignored
>
> - Acknowledgement that if the user doesn't know TLSA is being used, they are not losing anything from the attack
>
> (And, yes, I think that the chairs should be doing this bit instead of Jakob and I. Oh, well.)
>
> An attacker who is able to divert a user to a server under his control is also
> likely to be able to block DNS requests from the user or DNS responses being
> sent to the user. Thus, in order to achieve any security benefit from
> certificate usage 0 or 1, an application that sends a request for TLSA records
> needs to get either a valid signed response containing TLSA records or
> verification that the domain is insecure or indeterminate. If a request for a
> TLSA record does not meet one of those two criteria but the application
> continues with the TLS handshake anyway, the application has gotten no benefit
> from TLSA and should not make any internal or external indication that TLSA
> was applied.

I think this is generally fine, modulo Stephen's concerns about types 2 and 3,
which I haven't worked through yet.


> If an application has any indication that TLSA is in use (such as
> through a configuration setting), that application MUST not start a TLS
> connection or abort a TLS handshake if either of the two criteria above are
> not met.

I feel like this is confusing. There are two senses in which TLSA might
be "in use". (1) The application is trying to retrieve it. (2) The DNS server
is serving it. We're clearly in the first case, and it's the second which
is unknown to us b/c under control of the attacker. Perhaps you
mean to say "Applicaions SHOULD offer a setting to allow users to
set strict TLSA checking, in which case..."

v2.8.7 | Report a Bug | By Email