Re: DNS vs PKI, was Quic: the elephant in the room

John Levine <johnl@taugh.com> Sat, 10 April 2021 18:31 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC2613A0D98 for <ietf@ietfa.amsl.com>; Sat, 10 Apr 2021 11:31:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=XAmqPolv; dkim=pass (2048-bit key) header.d=taugh.com header.b=EeccWiRR
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DFlYnLfQU3N7 for <ietf@ietfa.amsl.com>; Sat, 10 Apr 2021 11:31:27 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54F7B3A0D95 for <ietf@ietf.org>; Sat, 10 Apr 2021 11:31:27 -0700 (PDT)
Received: (qmail 73040 invoked from network); 10 Apr 2021 18:31:24 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=11d4e.6071eefc.k2104; bh=/D7wyWpjpnt2zdMva1C0P3f2ptOXK+LuPZ2E3TKFfA8=; b=XAmqPolvBwMqG9TNC7p/1zCxXf3OJTwGeeafRlzFlMaitdQiqqtD59ezjiVa/BXP44zBTeZg7XACftcDnCPkDcT+WMD1KyqFeebkTk+gknrSclMrKXG4ShjpyoWHwTjP93NnMBVt1bs4xHFhMVuRVDB5ZINbWg2yKUp5XGwy1hd2CThzEsKPdIrRC9LZYUn1sGccrW0v9JytFugK36jWozDZfh2obEOuyGRGpMRSYxSl0iJeYW8eWSP2j+67KJUzes93fvT/TjCqk1EgjTLZmqihCsbSwsUw+LTJHnd7knhbSYE8jXt9kOH2Dz9A6SGX4nkH3Lvsotv2BmEaDIXM+Q==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=11d4e.6071eefc.k2104; bh=/D7wyWpjpnt2zdMva1C0P3f2ptOXK+LuPZ2E3TKFfA8=; b=EeccWiRR3HXDKaTeJHq+JImeMbRel1SBkq0izaRKF+WOOA+2ua0RBJ/szri4TWo/11dekxCQgpKzLd/ma+cojV9FBMbSKxphaGqi52hoh4Sz0+dw017vum9vGqVW4zMEo6IJ++0Mqoh9HMpAWoYAyHv0eGWPF2D4+EsjIs1ESXdIOq2CPD2CjtfXTsAUeHzOHOony5rp511+WgThyDRCD/kbXhG92GbboMJVNtG+aL9i7rBEQcthjuNZT4yMVJHdBX42JchoJHvelbvM+fkyT6azrV7u/s9zl3FZysSGZBQ/2EPaMRHzi/l8LIwOo2a+nifas0f34NCCqYHQ958Otw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 10 Apr 2021 18:31:23 -0000
Received: by ary.qy (Postfix, from userid 501) id CAD6E72A273B; Sat, 10 Apr 2021 14:31:19 -0400 (EDT)
Date: 10 Apr 2021 14:31:19 -0400
Message-Id: <20210410183122.CAD6E72A273B@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: DNS vs PKI, was Quic: the elephant in the room
In-Reply-To: <926C5F27-E011-4809-88DB-DBC9A8976D01@dukhovni.org>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/LOjOuonbtDeclJsPZ5kkn20nZoo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Apr 2021 18:31:33 -0000

It appears that Viktor Dukhovni  <ietf@ietf.org> said:
>Ben's claim that CAs are "more secure" than DNSSEC is demonstrably
>in error in a world where all that CAs do is issue DV certs that
>attest to "domain control".

More than that, the security of your DNS depends on the providers in
the chain between you and the root, which is typically short, and over
which you have a lot of control. If you have a valuable domain, you
can use a high security registrar that applies controls to zone
changes. With PKI, your security is only as good as the worst of all
of the CAs in someones browser, nearly all of which have no relation
to you and most of which you've never heard of.

This is not a new argument and I doubt we're going to say anything new here.

R's,
John

PS: I know about CAA, but if you believe it matters, that means CA
security can be at best as good as DNS security.