Re: Quic: the elephant in the room

David Conrad <drc@virtualized.org> Sun, 11 April 2021 22:58 UTC

Return-Path: <drc@virtualized.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 239333A2262 for <ietf@ietfa.amsl.com>; Sun, 11 Apr 2021 15:58:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=virtualized-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EDfj-2wIYCvU for <ietf@ietfa.amsl.com>; Sun, 11 Apr 2021 15:58:35 -0700 (PDT)
Received: from mail-pf1-x42d.google.com (mail-pf1-x42d.google.com [IPv6:2607:f8b0:4864:20::42d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6493F3A2260 for <ietf@ietf.org>; Sun, 11 Apr 2021 15:58:35 -0700 (PDT)
Received: by mail-pf1-x42d.google.com with SMTP id s11so7993735pfm.1 for <ietf@ietf.org>; Sun, 11 Apr 2021 15:58:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtualized-org.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=aHwkPG8e9iPqn90XcgBwleDuxHIW6QpBZskVXInAXh0=; b=U3N/M92CVNu/axc030vAgW3zzSIhPOMlJEq7bwLvw3w3r49wRWgmjoSTtcSz3acSFV /5/Tc6CbxUAlvIXVetnb93brx5Sd1l1xkWmnbO7w5kI6w0/uTgzYquFhevrS3SF+cwtE 9dezXO0UdBzeL8sYJo4StHLLbLUtCnvgEOuOs8gDpMBNAPNQYxj7efIsWczG4sfg0GoC 6qUgVK9OXKsy2ZUcMI4oq9HnpM05a6LbK6L0qdok7ZrFiaoi4ANghNqdqPkJPKxutIeg 9+vL8hwWRLCCyuAHuI12RL0OxBrLGKC8iMuWpyx8SJshZe7IqIXtaVdw/99cmSIwEFpH BLiA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=aHwkPG8e9iPqn90XcgBwleDuxHIW6QpBZskVXInAXh0=; b=gd05+rpTbh3+JYi6qaFu81lauAp4W9XVgz0Uba0Ra8N6axrqi6zTnoNXaAiz3LAkS8 JJ0tRI0dak0iCw7u6ooLeC+0TCQa/kTTK+/JtdpRkGeXcvcZyPTEAwdsFv2NqbYG//lY jqtOufHp+2sSNzSJ9RmYGNxvINHfOsigYyJ5V44ngWhVEPKMGsAlZj29pN1Xq8OBMCnr tgvlnudHpzVGYvi2Crsjg5LwtL3KLIsQ0PR8mhEqX12DU0wdOeolmWUdtA/ahis/mBAe nmitSeCMSNUVTlB+5CTITV1htT3gWWzGPl3Id/pUwDbI9myXAIWTuaqyyuJ7b653UKv9 PqZw==
X-Gm-Message-State: AOAM5315iRqj3BQPSM2b4Qa/ewnaBXw1Hw7UyQ6ITU5orZ2xzIlcBRHY jkSABuNho101Z0ECWH551mq5pg==
X-Google-Smtp-Source: ABdhPJxHKQ06v/PHbV3pzlQW5sdlzP41KnuTjWDnXiE7v8usgYpIg9BkP6H1U/h67f/nFV5qEwJxzA==
X-Received: by 2002:a63:7d5:: with SMTP id 204mr23182975pgh.259.1618181914293; Sun, 11 Apr 2021 15:58:34 -0700 (PDT)
Received: from [192.168.4.74] (75-12-19-168.lightspeed.irvnca.sbcglobal.net. [75.12.19.168]) by smtp.gmail.com with ESMTPSA id k69sm9692861pga.45.2021.04.11.15.58.33 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 11 Apr 2021 15:58:33 -0700 (PDT)
From: David Conrad <drc@virtualized.org>
Message-Id: <13624671-8257-4C82-B718-0B0C420152BE@virtualized.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_D4C9F143-E907-4D4E-89B5-37CF07552564"; protocol="application/pgp-signature"; micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
Subject: Re: Quic: the elephant in the room
Date: Sun, 11 Apr 2021 15:58:32 -0700
In-Reply-To: <CAMm+LwgPv2UK6ECOAfZW_SdZVM9qL=xCcF-rZBiKujXjDX9a1w@mail.gmail.com>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
To: Phillip Hallam-Baker <phill@hallambaker.com>
References: <3b25c77d-e721-e86d-6c34-a90039aab0e2@mtcc.com> <CAMm+Lwhi8xwFgZJL7jod2g4urZt_f+dm0tNi+3y1osqOfch2mQ@mail.gmail.com> <3593a01f-73f4-7d03-a85b-dff64a8b070e@mtcc.com> <CABrd9STZXonBDvWB7Z36H2mD20Juubc01TUmEvpfWkvJggQVOQ@mail.gmail.com> <20210410175712.GF9612@localhost> <926C5F27-E011-4809-88DB-DBC9A8976D01@dukhovni.org> <20210410195048.GG9612@localhost> <bfdceabb-143b-a0ab-3041-05888e8f39f2@mtcc.com> <YHIPXIA8KUueSd+f@straasha.imrryr.org> <CAMm+LwiLkkv0wgRQQ23dwrMFm7tqDyk9DLkiu8chN68QZb-hXw@mail.gmail.com> <YHJ8kxEjV1iThlUD@straasha.imrryr.org> <CAMm+LwgPv2UK6ECOAfZW_SdZVM9qL=xCcF-rZBiKujXjDX9a1w@mail.gmail.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WSggd2A7xGoC-Y0DpXQW0MjAx6w>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Apr 2021 22:58:40 -0000

On Apr 11, 2021, at 7:56 AM, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> > Only VERIFYING digital signatures provides security. And nobody knows what
> > to do when DNSSEC validation fails so nobody really does it
> 
> This is false both in premise and conclusion.  I was tempted to ignore
> the rest of the post, but ...
> 
> If nobody is ever going to check the sigs, they could simply be random bytes.

People are validating. See, e.g., https://stats.labs.apnic.net/dnssec

As you’re undoubtedly aware, validation failure results in a SERVFAIL response. In the case of an A or AAAA query, applications do not get an IP address back so it isn’t possible for users to "click through” to potentially compromised sites. Not an ideal error handling approach but arguably safer than alternatives.

Regards,
-drc