Re: [dane] domain hijacking

"John R Levine" <johnl@taugh.com> Thu, 13 April 2017 16:38 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0E8D1294F9 for <dane@ietfa.amsl.com>; Thu, 13 Apr 2017 09:38:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.221
X-Spam-Level:
X-Spam-Status: No, score=-1.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=PJpyMGcd; dkim=pass (1536-bit key) header.d=taugh.com header.b=IkgWjJ/4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k8ypMLKLyXIv for <dane@ietfa.amsl.com>; Thu, 13 Apr 2017 09:38:06 -0700 (PDT)
Received: from miucha.iecc.com (www.iecc.com [IPv6:2001:470:1f07:1126::4945:4343]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A99831294C8 for <dane@ietf.org>; Thu, 13 Apr 2017 09:38:05 -0700 (PDT)
Received: (qmail 38031 invoked from network); 13 Apr 2017 16:38:04 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=948d.58efa96c.k1704; bh=ED3vXg+REE/FBfCjAVkCveVpcyq+DXukbrLZwde2HDA=; b=PJpyMGcdIqLeItwNDBzOlcB8vvI2P2OfzYjzCgz9QCxjLqayKIea1SMfASX/01hG9k0xTrujEiou/jF7fcMjLvBEtDEG0Jh9Q9mONnBPTQkIQdY/Y47k6iH1FInfGvdfeFdWUdSqFwgdiTE308j91IMgsD69XAOqGwcSwr2w5eonLn/127fquuRQILLv4GCPF7QrgVGT4vhpzAGQRcADHbIEducTDMf5wff69N3XjlcLYRTTKS9YtIsd1eJbnKK8
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=948d.58efa96c.k1704; bh=ED3vXg+REE/FBfCjAVkCveVpcyq+DXukbrLZwde2HDA=; b=IkgWjJ/4pv6mP6JJNzYLV4W9030RBOV1EraZF9jclONJSyhfUHZDdYU/P9vN8/rXct7Ne1ssZz9aLImlcJIi6sCvCFWQzGq77tmo1GJPbUexWO6MAaKR9Yz3355lTgd0yR5GFGDUTssX9yRAQVZmguYPezFlmZWdaR3sdG0KCc616fpS5r3Wc08irVmH3PBtTABldKB0j2Gz59lrdhz9ZqwamIj+9BVr2lv40XhiNzrRyq+lueWjG8bgTj+h35d6
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2/X.509/AEAD) via TCP6; 13 Apr 2017 16:38:04 -0000
Date: 13 Apr 2017 12:38:03 -0400
Message-ID: <alpine.OSX.2.20.1704131131450.10511@ary.qy>
From: "John R Levine" <johnl@taugh.com>
To: "Wei Chuang" <weihaw@google.com>
Cc: "IETF DANE Mailinglist" <dane@ietf.org>
In-Reply-To: <CAAFsWK3eMisaC5JjU6WND3Xx3Q=r08Zb-ijVoapDoG8NtSJcKw@mail.gmail.com>
References: <CAAFsWK35neS7t_ZXHiTgSuc4wU4dWzEdAxFCzK+k11drvcOOkA@mail.gmail.com> <20170413031124.79969.qmail@ary.lan> <CAAFsWK3eMisaC5JjU6WND3Xx3Q=r08Zb-ijVoapDoG8NtSJcKw@mail.gmail.com>
User-Agent: Alpine 2.20 (OSX 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/jJglT5zt4v9ofMKM7mg3DrF6_VY>
Subject: Re: [dane] domain hijacking
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Apr 2017 16:38:08 -0000

> Perhaps by making a domain hijacking more visible to everyone, and 
> having a whistleblowing (i.e. reporting mechanism such as used in 
> Coniks) protocol then you could distribute the problem of monitoring.

That's just what I *don't* want to do.  I do not want to be volunteered to 
be an unpaid security officer for everyone else's DNS.

It's fine to think about ways that a domain can secure its DNS and detect 
and fix unauthorized change, but I don't think it's fair to expect the 
rest of the world to do it for you.

R's,
John