Re: [TLS] Draft updates: tls-dnssec-chain
Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 28 April 2018 18:34 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 241AA127201 for <tls@ietfa.amsl.com>; Sat, 28 Apr 2018 11:34:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zU_pepTEh-ae for <tls@ietfa.amsl.com>; Sat, 28 Apr 2018 11:34:04 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [108.5.242.66]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E29C126DFB for <tls@ietf.org>; Sat, 28 Apr 2018 11:34:04 -0700 (PDT)
Received: from [192.168.1.161] (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mournblade.imrryr.org (Postfix) with ESMTPSA id 991687A3309 for <tls@ietf.org>; Sat, 28 Apr 2018 18:34:03 +0000 (UTC) (envelope-from ietf-dane@dukhovni.org)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <CAL02cgTkx-F0K++XdjA-DS4Kdh_BsB+zWUQB=Sp0ojSKs0u+vw@mail.gmail.com>
Date: Sat, 28 Apr 2018 14:34:02 -0400
Content-Transfer-Encoding: quoted-printable
Reply-To: TLS WG <tls@ietf.org>
Message-Id: <965A64B5-CFD2-44BE-A0C6-6549DA5930D3@dukhovni.org>
References: <CAHPuVdW4kJQ5-mhCGR9BW6dDaN25Lv_Dsr9ygoNwrDsC=c7vuA@mail.gmail.com> <8C791467-A81E-499F-A437-E573C925C125@dukhovni.org> <CAL02cgTkx-F0K++XdjA-DS4Kdh_BsB+zWUQB=Sp0ojSKs0u+vw@mail.gmail.com>
To: TLS WG <tls@ietf.org>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/wV6dp3HPfHoBnyn7-vs0QUt3Qwo>
Subject: Re: [TLS] Draft updates: tls-dnssec-chain
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Apr 2018 18:34:06 -0000
> On Apr 28, 2018, at 2:17 PM, Richard Barnes <rlb@ipv.sx> wrote: > > Let's just scope this to the additive case. When you say "additive case" do you mean to cover just applications where the extension is mandatory? Or you expect the extension to also have some value when it is optional? I thought I explained fairly well why optional use does not pan out, there was no cost/benefit to refute the one I posted (quoted below). Servers will never start deploying the non-mandatory 'additive case', absent downgrade protection, it makes no sense for them to do that: --- Viktor Dukhovni <ietf-dane@dukhovni.org>, 2018-04-08 19:27:36-0400 --- And yet, as it stands, the deployment cost-benefit analysis for this extension in existing applications plays out as follows: COSTS: * You still manage WebPKI certificates to support the majority of existing clients. * If the WebPKI is compromised, you're compromised. * If DNSSEC is compromised, you're compromised * You pay the complexity cost of also supporting the extension * You might present incorrect TLSA records and the connection might fail even when it would otherwise succeed with WebPKI BENEFITS: * Nothing other than bragging rights that you're cool enough to deploy a shiny new technology --- Notably, just a confirmation that the above is basically sound: --- Martin Thomson <martin.thomson@gmail.com>, 2018-04-05 12:07:57+1000 --- Your cost benefit analysis seems about right though. --- So with downgrade protection out, the present scope is *exactly* the applications where the extension is mandatory (whatever these might be). -- Viktor.
- [TLS] Draft updates: tls-dnssec-chain Shumon Huque
- Re: [TLS] Draft updates: tls-dnssec-chain Richard Barnes
- Re: [TLS] Draft updates: tls-dnssec-chain Viktor Dukhovni
- Re: [TLS] Draft updates: tls-dnssec-chain Viktor Dukhovni
- Re: [TLS] Draft updates: tls-dnssec-chain Paul Wouters
- Re: [TLS] Draft updates: tls-dnssec-chain Viktor Dukhovni
- Re: [TLS] Draft updates: tls-dnssec-chain Shumon Huque
- Re: [TLS] Draft updates: tls-dnssec-chain Viktor Dukhovni