Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Viktor Dukhovni <> Thu, 08 February 2018 16:35 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DDEDF126B6E; Thu, 8 Feb 2018 08:35:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id sgaB6MehX5tj; Thu, 8 Feb 2018 08:35:53 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7A04E12426E; Thu, 8 Feb 2018 08:35:53 -0800 (PST)
Received: from [] ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 7B51D7A3309; Thu, 8 Feb 2018 16:35:52 +0000 (UTC) (envelope-from
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Viktor Dukhovni <>
In-Reply-To: <>
Date: Thu, 08 Feb 2018 11:35:51 -0500
Cc: Shumon Huque <>, TLS WG <>,, The IESG <>, tls-chairs <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <>
To: Eric Rescorla <>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <>
Subject: Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 08 Feb 2018 16:35:56 -0000

> On Feb 8, 2018, at 9:49 AM, Eric Rescorla <> wrote:
>> This depends on the mode of DANE in use (i.e. the Certificate Usage
>> field of the TLSA record). If I recall correctly, this should all be
>> covered in detail in RFC 7671 ("DANE Updates and Operational Guidance").
>> * With DANE-EE, only the EE certificate is matched against the
>>   certificate data/hash in the TLSA record. There is no CRL/OCSP
>>   style revocation. Revocation would be performed by removing the
>>   TLSA record from the DNS.
>> * With DANE-TA, the indicated CA certificate referenced in the TLSA
>>   record may have advertised revocation mechanisms that need to be
>>   consulted.
>> * With PKIX-EE and PKIX-TA modes, the standard PKIX revocation mechanisms
>>   need to be consulted and honored.
> Well, neither of these modes is useful here, as an attacker will simply ignore the
> extension.

Good point.

Well, if a server publishes "CA constraint" (PKIX-TA(0)) or "service
certificate constraint" (PKIX-EE(1)) TLSA records, presumably it is
precisely because they believe that PKIX alone is not enough, and
would like to require at least one of the specified constraints to
be satisfied.

So if the records do make it to the client, the client should
probably honour them if it is doing DANE-based authentication.

However, as you correctly observe, with this in-band TLSA record
delivery mechanism, an attacker who is able to able PKIX-verifiable
certificates and keys for the target domain can simply not respond
with the extension and deliver just the PKIX key material.  So if
a client is willing to go with just PKIX for servers that don't
support the extension, then it subject to a "dane-stripping"
downgrade attack when using this mechanism.

We should also note that clients might cache the obtained TLSA
records, and so might not accept just PKIX while cached records
are available, even if TLSA records are stripped on a subsequent

But the key question boils down to whether the client is configured
to *require* DANE for the connection (in which case just PKIX is
clearly not enough), or whether it is doing a form of "opportunistic
DANE" (for lack of a better term in this message) with the server
optionally providing the records, but otherwise the client resorts
to using just PKIX.

In the "opportunistic DANE" case one might argue that, when PKIX-TA(0)
or PKIX-EE(1) fail, but PKIX alone would otherwise succeed, the client
should accept PKIX alone, since a downgrade attack can typically strip
DANE.  But if the client is caching previously seen TLSA records, then
the downgrade attack is partially mitigated (for the TTL of the cached
records).  The client may elect to request new TLSA records before the
expiration of the previous ones are expired, extending such protection
until it stops communicating with the server sufficiently regularly to
be able to keep a copy of unexpired TLSA records in its cache.

So all in all, I think there may be enough merit in rejecting on DANE
failure, subject to local policy, but the client might elect to trust
bare PKIX.

For clients that do reject PKIX success based on DANE failure, and
cache obtained TLSA records, it might have been good to recommend
refreshing the TLSA records while the cached data is still valid
(say the smaller of some refresh time or 50% of TTL has expired).
That way, for a client that keeps communicating regularly may be
(partially) protected against downgrades.  Perhaps it is too late
to make such a change at this stage in the document's life-cycle.

Summary as I see it:

  * Mandatory DANE:
 MUST Refuse absence of TLSA RRs or failure
    of PKIX-TA(0) and PKIX-EE(1).  Must fail when no TLSA RRs
    are cache and the server does not present the extension.

  * "Opportunistic DANE": MAY refuse failed PKIX-TA(0) and PKIX(1)
    if caching replies, and SHOULD attempt to refresh cache before
    expiration to reduce opportunity for downgrades.  Non-caching
    clients don't really gain security by refusing valid PKIX on
    DANE failure, and MAY choose to continue.