IETF Logo Mail Archive

Re: [dane] DANE and STARTTLS - indication of availability of encryption

Ian Fette (イアンフェッティ) <ifette@google.com> Fri, 06 September 2013 16:12 UTC

Return-Path: <ifette@google.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B929A21E81C8 for <dane@ietfa.amsl.com>; Fri, 6 Sep 2013 09:12:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.317
X-Spam-Level:
X-Spam-Status: No, score=-1.317 tagged_above=-999 required=5 tests=[AWL=-0.240, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_24=0.6, MIME_8BIT_HEADER=0.3, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cbzyHuo0Thp7 for <dane@ietfa.amsl.com>; Fri, 6 Sep 2013 09:12:10 -0700 (PDT)
Received: from mail-ie0-x231.google.com (mail-ie0-x231.google.com [IPv6:2607:f8b0:4001:c03::231]) by ietfa.amsl.com (Postfix) with ESMTP id 8321521E8136 for <dane@ietf.org>; Fri, 6 Sep 2013 09:12:09 -0700 (PDT)
Received: by mail-ie0-f177.google.com with SMTP id e14so7272005iej.36 for <dane@ietf.org>; Fri, 06 Sep 2013 09:12:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=G1YwrNaTIoCMvdELSTDxSqdo6F5ynzOkNiynL1j49SY=; b=LtcwY2h0jWicg3dSYeUV9ScWz0htwKJASlq+jZDIZNiyzLiTBbVbW4WOrvvqAwoHyv M6aUm/z1UFLxwViYsVNpHc7m20jujSM880veCrZmkkajaCzpVi/HvuyAeXvDV4sFWs97 sLPknGT2uwVzOiJburZEDygema4Dyk6IbQz9JbthTJP8u7ECNxwKAwuj6t/DjawS6IOC IyZxY+js6kA6A1IfuLhl8g67Elt0a7vwp687qhQ3KCBpEJd0RhGsr3e9T9xHNVEtLQpZ AqHZ7HFGrMZUPZ8WhruEOeUcLVYg/YtTzBur12/sZfUt5og4fXwdKy2/4Gek1Tr9Hjrd HlzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=G1YwrNaTIoCMvdELSTDxSqdo6F5ynzOkNiynL1j49SY=; b=h1UhcHWqVHddMI/rYIf1qHcF5RS1wFn3qXDqFl/vKjGupmV0IA8XU2ou0KdqrR75cR aInEyc8HY2WqDZOtzu2HD7Cb6IuiW4MweFHxJgZDVVe7BAtood1BjVTIKuuTaLvZ1wcr yJFFbC52h2CQ1UdNPhyaQPKddDA/VcsA7AQxnGFi9Loa3ZhXMy1E4YeV7x+eZi6bnVzI YvU/HDzXCYgUlx8O2H+xQdPzY1atDMTcycaxdo8Qm2JKmwbJmghSyBoIUTq4DRT8NwP9 PFf/yt+S0V6+2xCdCMRL9iNLRq3xvhOJbs8wk6+ezAAInlHuTKo0y9oueKrgO0+Wxpym 237w==
X-Gm-Message-State: ALoCoQloOvj5lWfLwTnIy0QGpUPIrCL242Ma04jdAtwiciS68r35FK5e1sZtljWDyKwJCkNik575mAhyvpQXlWTxHve7O2/OUW9vqLU6tOKaHg0N6/CaMqcirfWE2FIqd0k3xI5B6Ykg2IJ87fmdmltC6UYmRHrR5bh1AOH7uvg5nOLfl8JIW9qsVbaKpTRnGRCYNduayZYD
MIME-Version: 1.0
X-Received: by 10.42.119.141 with SMTP id b13mr2051841icr.0.1378483928923; Fri, 06 Sep 2013 09:12:08 -0700 (PDT)
Received: by 10.231.161.70 with HTTP; Fri, 6 Sep 2013 09:12:08 -0700 (PDT)
Received: by 10.231.161.70 with HTTP; Fri, 6 Sep 2013 09:12:08 -0700 (PDT)
In-Reply-To: <20130906155016.GY29796@mournblade.imrryr.org>
References: <20130904144549.GA29796@mournblade.imrryr.org> <m3bo48885q.fsf@carbon.jhcloos.org> <20130905010924.GM29796@mournblade.imrryr.org> <CAF4kx8fq2oxNK2MiCCrNJUn-Qog+TXrHZ+ohj-vKFxpi+5PPEw@mail.gmail.com> <20130905212933.GI61351@mx1.yitter.info> <CAF4kx8etOjE8y4B9dq1dm6_5_8TOYHnp4v1r0bfT1SOr5im0mw@mail.gmail.com> <m3d2om5bt2.fsf@carbon.jhcloos.org> <20130906155016.GY29796@mournblade.imrryr.org>
Date: Fri, 06 Sep 2013 09:12:08 -0700
Message-ID: <CAF4kx8cHKj24Wwf=4-OECY+rRLsoW2_8V_q+gY2-KmpMOnFg7Q@mail.gmail.com>
From: "Ian Fette (イアンフェッティ)" <ifette@google.com>
To: dane@ietf.org
Content-Type: multipart/alternative; boundary="90e6ba61492ae9cb7704e5b94c58"
Subject: Re: [dane] DANE and STARTTLS - indication of availability of encryption
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ifette@google.com
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Sep 2013 16:12:10 -0000

That would assume deploying dnssec on Gmail.com is somehow easier than on
Google.com :-)
On Sep 6, 2013 8:50 AM, "Viktor Dukhovni" <viktor1dane@dukhovni.org> wrote:

> On Fri, Sep 06, 2013 at 09:17:20AM -0400, James Cloos wrote:
>
> > The idea of using the existence of an unsecured tlsa rr as a hint that
> > tls must be used was, IIRC, discussed in the early days of this wg.
>
> This is largely impractical for SMTP.  SMTP TLSA RRs are of course
> tied to MX hosts (transport destinations), not email domains.  An
> MITM can bypass any such cached RRs by sending malicious MX replies.
>
> The TTLs on MX records are often relatively short (gmail.com is 1H)
> so attacks don't require the attacker to wait long and for smaller
> destination domains which don't receive a steady stream of traffic
> from all senders, or when intercepting a low-volume sender, the
> target MX RRset is often already expired from the cache due to
> infrequent mail transmission.
>
> Also any insecure data with a remotely specified TTL is a golden
> opportunity for cache poisoning attacks.  Just set a very long TTL
> with a bogus certificate association and the MITM attacker is set
> for a long time.  In the mean time log entries show happily
> authenticated connections, nobody is any the wiser unless they are
> logging the underlying digests and looking for malicious changes.
>
> I understand that it would be convenient if security could be
> obtained more easily.  Sadly, there is a lower bound on the cost.
>
> > Doing MX+TLSA queries as soon as the destination(s) are known so as to
> > indicate the possibility of TLS (Trusted, Untrusted or Verified) can be
> > a good idea.
>
> What should an MTA do differently when insecure TLSA records are
> found for one or more MX hosts, and why?
>
> > But it tlsa existance is to be the key, it does seem best to demand that
> > it be secured.
>
> On this we agree.
>
> > But please do publish the tlsa sooner rather than later.  Even though
> > they likely will not get used in practice until the zones are signed,
> > tests can still be done to ensure accuracy, and there won't have to be
> > any delays post-signing.
>
> A better test is to use non-production MX hosts in a signed zone.
>
>         dane-test.gmail.com. IN MX 0 mx.dane-test.gmail.com.
>         mx.date-test.gmail.com. IN A 192.0.2.1
>         mx.date-test.gmail.com. IN TLSA 2 1 1 {sha256 pubkey hash}
>
> then one can test verified connections to dane-test.gmail.com before
> publishing TLSA RRs for the production zone.
>
> --
>         Viktor.
> _______________________________________________
> dane mailing list
> dane@ietf.org
> https://www.ietf.org/mailman/listinfo/dane
>

v2.29.0 | Report a Bug | By Email | System Status