[Standards] Unsigned DANE records for TLS assertions
dave at cridland.net
Mon Nov 25 13:53:42 UTC 2013
On Sat, Nov 23, 2013 at 1:37 PM, Michal 'vorner' Vaner <vorner at vorner.cz> wrote:
> On Fri, Nov 22, 2013 at 10:07:51AM +0000, Dave Cridland wrote:
> > - If an attacker removes the record by fiddling with the DNS, then they
> > can mount an MITM attack. Note that they can also fiddle the DNS into
> > redirecting the connection too. It's not clear if this makes things any
> > harder than before.
> > - If an attacker adds in a TLSA record, this could act as a denial of
> > service.
> > On reflection, I'm not sure if this is actually an overall benefit, but I
> > thought I'd throw the idea out.
> I didn't read the RFC, but my impression was that it mandated TLSA is
> signed by DNSSEC. So, the right thing should probably be to ignore and warn
> about unsigned TLSA records, not to honor them.
Yes, that'd be the spec's preference.
What I'm wondering is whether an initiator could use the presence of a TLSA
record to decide not to consider falling back to XEP-0220. In other words,
whether a domain could use them to assert that it has a valid certificate.
The spec doesn't say so - the spec is heavily geared toward HTTPS, where
opportunistic encryption constructs, as are used in XMPP, don't really
exist at all.
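
The initiator policy discussed in this message, sketched as an added example that is not part of the original post or of any XMPP implementation. `Lookup`, `decide` and `honour_unsigned_hint` are hypothetical names, and the signed-TLSA branch is simplified to a single match check.

```python
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    DANE = "authenticated by DNSSEC-signed TLSA"
    PKIX = "authenticated by PKIX certificate"
    DIALBACK = "fall back to XEP-0220"
    FAIL = "refuse the connection"


@dataclass(frozen=True)
class Lookup:  # hypothetical summary of what the initiator observed
    tlsa_present: bool      # a TLSA record was returned
    dnssec_validated: bool  # the answer validated under DNSSEC
    tlsa_matches: bool      # presented certificate matches the TLSA data
    pkix_valid: bool        # certificate is CA-issued and names the domain


def decide(obs: Lookup, honour_unsigned_hint: bool) -> Outcome:
    if obs.tlsa_present and obs.dnssec_validated:
        # Signed record: the case the DANE spec covers (simplified here).
        return Outcome.DANE if obs.tlsa_matches else Outcome.FAIL
    if obs.pkix_valid:
        return Outcome.PKIX
    if obs.tlsa_present and honour_unsigned_hint:
        # Unsigned record is never trusted as key material; it only
        # withdraws the dialback fallback.
        return Outcome.FAIL
    return Outcome.DIALBACK


# Constructed scenarios taken from the trade-offs listed in the thread.
SCENARIOS = {
    "record stripped, MITM certificate": Lookup(False, False, False, False),
    "record injected, domain has self-signed certificate": Lookup(True, False, False, False),
    "record intact, MITM certificate": Lookup(True, False, False, False),
    "record intact, genuine certificate": Lookup(True, False, False, True),
}


def compare() -> dict:
    """Map each scenario to (ignore-unsigned outcome, hint-policy outcome)."""
    return {name: (decide(o, False), decide(o, True)) for name, o in SCENARIOS.items()}


if __name__ == "__main__":
    for name, (spec, hint) in compare().items():
        print(f"{name:52} ignore: {spec.name:9} hint: {hint.name}")
```

The second and third scenarios are the same observation from the initiator's side, which is why the hint policy cannot separate the denial-of-service case from the case it is meant to protect.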