IETF Logo Mail Archive

Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension

Paul Wouters <paul@nohats.ca> Thu, 05 April 2018 09:22 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6119012702E for <tls@ietfa.amsl.com>; Thu, 5 Apr 2018 02:22:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GKQ4j_JVMB5g for <tls@ietfa.amsl.com>; Thu, 5 Apr 2018 02:22:48 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CEDF126579 for <tls@ietf.org>; Thu, 5 Apr 2018 02:22:48 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 40Gy6F0ZlLz2C0 for <tls@ietf.org>; Thu, 5 Apr 2018 11:22:45 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1522920165; bh=IeN56b98DNPhyRFiEUY/iPj+r/j7YUYkS77hp43vxdg=; h=Date:From:To:Subject:In-Reply-To:References; b=C8mNmCgpdBC15NhYSo1CSSNoVrOykfYVpyuMeWyHy7JKtzdYiTe6yPsiNPu31JvW8 j98s3b6XtqzxXKvECdVxfJxLxRAwdr4IsTxRT65+LBS2BNu1zB7q6onExT5WmsKGf4 vwWiJ0cD0kKDjG0sKWWm4gj1Yk6BBvWr+2/W9PoA=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 7QMm9I1UDpVR for <tls@ietf.org>; Thu, 5 Apr 2018 11:22:43 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <tls@ietf.org>; Thu, 5 Apr 2018 11:22:43 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 5B0693531DD; Thu, 5 Apr 2018 05:22:42 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 5B0693531DD
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 5420F4095AB2 for <tls@ietf.org>; Thu, 5 Apr 2018 05:22:42 -0400 (EDT)
Date: Thu, 05 Apr 2018 05:22:42 -0400
From: Paul Wouters <paul@nohats.ca>
To: tls@ietf.org
In-Reply-To: <CABcZeBNJE+iCccpCt0-BgP79q7eaR6atVQDKF9GmwadiSV=5iA@mail.gmail.com>
Message-ID: <alpine.LRH.2.21.1804050516310.22565@bofh.nohats.ca>
References: <CAOgPGoAhzEtxpW5mzmkf2kv3AcugNy0dAzhvpaqrTSuMSqWqfw@mail.gmail.com> <EDB0F480-1272-4364-9A3D-23F9E1A02141@dukhovni.org> <CABkgnnWBdp=KtmBVDcrR9-5tdVPfhWG7pWR0FE57H=iWS37dWw@mail.gmail.com> <C52564E1-ABCD-4E1A-8517-19743BD2180B@dukhovni.org> <CABcZeBMcvtQ6Ko-2Rmoq3BSVBOqdQwJ65vVrPK0cpSJ9nQCS3w@mail.gmail.com> <20180405022007.GG25259@localhost> <CABcZeBMGdXPF9if8Z_Gnc5MoOrZAOPEV2K3i5Bd_ewC6fdxOEg@mail.gmail.com> <20180405023456.GK25259@localhost> <CABcZeBM8MPMhpb9LpqkWAV7LmsUabk3Q7CtxLFaFMFLQVg-H0g@mail.gmail.com> <20180405030945.GN25259@localhost> <CABcZeBNJE+iCccpCt0-BgP79q7eaR6atVQDKF9GmwadiSV=5iA@mail.gmail.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/iDrAQ7xjDUFlzvoX1vsCxNJGx8w>
Subject: Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2018 09:22:49 -0000

On Wed, 4 Apr 2018, Eric Rescorla wrote:

>       The motivation for opportunistically using this is to be able to
>       incrementally deploy DANE for HTTPS (and browsers).  Without that it
>       won't get deployed at all for HTTPS.
> 
> I don't see how this is responsive to the concern that this technique will
> be used for hijacking.

To hijack a DANE TLSA record, an attacker has to take over the DNS
domain. Controlling the DNS is equally fatal for the webpki, as you
can just ACME a new certificate at that point. So the hijacking case
is not made worse at all. But the compromise/coercion of only 1 of
600+ (sub)CA's is actually protected against, making DANE a stronger
authentication alternative.

Additionally, in the case of forced domain transfer in relation to an
ownership dispute being litigated, the DANE based pinning is actually
superior to any other kind of pinning, because it gives the (new) domain
owner full control to cancel any outstanding long term pins distributed
by the old/previous/malicious owner.

Paul

v2.15.0 | Report a Bug | By Email