Re: [dane] Behavior in the face of no answer?

Martin Rex <mrex@sap.com> Fri, 04 May 2012 19:33 UTC

From: Martin Rex <mrex@sap.com>
Message-Id: <201205041933.q44JXfBv019935@fs4113.wdf.sap.corp>
To: ekr@rtfm.com (Eric Rescorla)
Date: Fri, 4 May 2012 21:33:41 +0200 (MEST)
In-Reply-To: <CABcZeBMBNguyuhJ=ju=tEe23nbVK3T3RW1YUogBinyVuWAX9jg@mail.gmail.com> from "Eric Rescorla" at May 4, 12 12:05:19 pm
Cc: dane@ietf.org
Subject: Re: [dane] Behavior in the face of no answer?

Eric Rescorla wrote:
> 
> Martin Rex <mrex@sap.com> wrote:
> >
> > Eric Rescorla wrote:
> >>
> >> Before we discuss how to proceed, I think it would be useful to get
> >> agreement on the security analysis.
> >
> > Analysis (about what the attacker could do) is correct, but ...
> >
> >>
> >> I claim that for Usages 0 and 1, treating TLSA non-response as if no
> >> TLSA records exist means that DANE adds minimal/no security value for
> >> those usages. If people disagree with that,
> >
> > I do not fully agree with the conclusion.
> > With the exact same logic, when comparing DV-certs to EV-certs, you
> > could say that EV-certs add minimal/no security value.
> 
> It's precisely for this reason that EV certs add minimal security value.
> 
> 
> > Web Browsers provide visual cues to differentiate DV/EV-certs (since
> > very few users look at the certificate details).
> 
> There's very little evidence that users treat these indicia differently.
> Adding yet another indicator seems to make the cognitive overload
> problem even worse.


Browsers memorize megabytes of useless stuff, but seem to have
difficulties memorizing a few kilobytes of useful and important
stuff.

Currently, the value of EV-certs is vitally dependent on cooperation
of the human brain of the user at the TLS client to either react
to the visual cues or look at & perform plausibility checks on the
additionally vetted information, comparing it to the original intent.

Browsers (and to some extent TLS clients in general) should be able
to perform some of that all by themselves rather than "outsourcing"
it to users, since users quickly become bored by such activity
and start cheating/ignoring.

As long as the majority of Web-sites & their users get to login-pages
by clicking a URL on a page received through HTTP rather than HTTPS,
the hard-fail instead of a soft-fail DANE discussion does not add
value, but instead might turn out to be a coffin nail.


-Martin