[Standards] Unsigned DANE records for TLS assertions
stpeter at stpeter.im
Wed Dec 4 08:57:06 UTC 2013
On 11/26/13 5:20 AM, Dave Cridland wrote:
> On Tue, Nov 26, 2013 at 12:04 PM, Tony Finch <dot at dotat.at> wrote:
>> Dave Cridland <dave at cridland.net>
>>> What I'm wondering is whether an initiator could use the
>>> of a TLSA
>>> record to decide not to consider falling back to XEP-0220. In other words,
>>> whether a domain could use them to assert that it has a valid
>> The DANE drafts that I produced (for mail protocols) specified
>> that clients should expect the server to have a valid certificate
>> and should not fall back to unauthenticated or unencrypted
> Right, but that would assume the records are signed, correct?
> I'm vaguely trying to work out, too, the relationship between
> XEP-0220 (which relies on an unspoofed DNS to operate) and unsigned
> TLSA records. If, instead of XEP-0220, we used unsigned DANE, would
> this work just as (in)securely?
Why "instead of"? It seems that we have dialback and will have it
forever, so why not build upon it and make it more secure via DNSSEC
and TLSA records? That's what Matt Miller and I have been pursuing in
> It's an interesting (to me) point, because going from unsigned TLSA
> to either of signed TLSA (ie, proper DANE) or a CA-signed
> authoritative certificate (ie, a proper cert) should be relatively
> I suspect we still need to call back in the case of unsigned
> records and self-signed certificates,
Or something like anonymous DH?
> because otherwise an attacker could spoof the DNS and wouldn't need
> to stage a server. If they can stage a server and spoof the DNS,
> then they can already spoof XEP-0220.
> I do not know whether it's harder to spoof two co-related unsigned
> records within the same zone, though.
> I would note that an unsigned TLSA concept would implicitly mandate
> TLS - as such, the right comparison is with XEP-0220 over TLS,
> rather than "vanilla" XEP-0220.
I'd be curious to hear what Tony or other DNS experts have to say.
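As an added illustration of the policy Tony describes above (this is example code, not from the thread or any XMPP server), here is an s2s initiator's decision function: TLSA records are acted on only when the resolver reports them as DNSSEC-validated; an unsigned record leaves XEP-0220 dialback in play exactly as before. The record/function names and the certificate bytes are constructed for the example; only DANE-EE with the full-certificate selector is handled.

```python
import hashlib
from dataclasses import dataclass

# Constructed example: an XMPP s2s initiator deciding what a TLSA lookup for
# the peer domain buys it. Only usage 3 / selector 0 records are considered.

@dataclass(frozen=True)
class TLSA:
    usage: int      # 3 = DANE-EE: match the end-entity certificate itself
    selector: int   # 0 = full certificate (SPKI, selector 1, not handled here)
    mtype: int      # 0 = exact data, 1 = SHA-256, 2 = SHA-512
    data: bytes

def _association(cert_der: bytes, mtype: int) -> bytes:
    """The certificate association data a record of this matching type holds."""
    if mtype == 0:
        return cert_der
    if mtype == 1:
        return hashlib.sha256(cert_der).digest()
    if mtype == 2:
        return hashlib.sha512(cert_der).digest()
    raise ValueError(f"unknown matching type {mtype}")

def tlsa_for_cert(cert_der: bytes, mtype: int = 1) -> TLSA:
    """Build the DANE-EE/full-cert record a domain would publish for cert_der."""
    return TLSA(3, 0, mtype, _association(cert_der, mtype))

def s2s_policy(records, dnssec_validated: bool, cert_der: bytes) -> str:
    """Decide how to treat the peer's certificate after the TLSA lookup.

    "dialback"      - no *signed*, usable TLSA data: an unsigned record proves
                      nothing, so XEP-0220 stays as the fallback
    "dane-verified" - a DNSSEC-validated record matches the certificate
    "reject"        - signed records exist but none match: do not fall back
    """
    if not dnssec_validated:
        return "dialback"
    usable = [r for r in records if r.usage == 3 and r.selector == 0]
    if not usable:
        return "dialback"
    for r in usable:
        if _association(cert_der, r.mtype) == r.data:
            return "dane-verified"
    return "reject"
```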