[Standards] Unsigned DANE records for TLS assertions

Dave Cridland dave at cridland.net
Mon Nov 25 13:53:42 UTC 2013


On Sat, Nov 23, 2013 at 1:37 PM, Michal 'vorner' Vaner <vorner at vorner.cz> wrote:

> Hello
>
> On Fri, Nov 22, 2013 at 10:07:51AM +0000, Dave Cridland wrote:
> >  - If an attacker removes the record by fiddling with the DNS, then they
> > can mount an MITM attack. Note that they can also fiddle the DNS into
> > redirecting the connection too. It's not clear if this makes things any
> > harder than before.
> >
> >  - If an attacker adds in a TLSA record, this could act as a denial of
> > service.
> >
> > On reflection, I'm not sure if this is actually an overall benefit, but I
> > thought I'd throw the idea out.
>
> I didn't read the RFC, but my impression was that it mandated TLSA is always
> signed by DNSSEC. So, the right thing should probably be to ignore and warn
> about unsigned TLSA records, not to honor them.
>

Yes, that'd be the spec's preference.

What I'm wondering is whether an initiator could use the presence of a TLSA
record to decide not to consider falling back to XEP-0220. In other words,
whether a domain could use them to assert that it has a valid certificate.

The spec doesn't say so - the spec is heavily geared toward HTTPS, where
opportunistic encryption constructs, as are used in XMPP, don't really
exist at all.

Dave.
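As an added illustration (not code from this thread, nor from any XMPP server or DANE library), the following Python sketches the decision an initiator faces in the situation discussed above: evaluate TLSA records the way RFC 6698 describes (selector, matching type, association data), honour them only when the resolver validated the answer with DNSSEC, and optionally apply the "presence as assertion" idea from the message to the XEP-0220 fallback. The record layout and matching rules are from RFC 6698; the `presence_asserts_cert` switch, the verdict strings, and the certificate bytes are assumptions constructed for the example, and only end-entity usages are modelled.

```python
"""Evaluate DANE TLSA records for an XMPP server certificate (RFC 6698 style).

Constructed example for this thread; not code from any XMPP implementation.
"""
import hashlib
from dataclasses import dataclass
from typing import List, Tuple

# RFC 6698 field values handled here
SEL_FULL_CERT, SEL_SPKI = 0, 1                      # selector
MATCH_EXACT, MATCH_SHA256, MATCH_SHA512 = 0, 1, 2   # matching type
USAGE_PKIX_EE, USAGE_DANE_EE = 1, 3                 # end-entity usages only


@dataclass(frozen=True)
class TLSARecord:
    usage: int
    selector: int
    matching_type: int
    data: bytes  # certificate association data


def tlsa_matches(rec: TLSARecord, cert_der: bytes, spki_der: bytes) -> bool:
    """RFC 6698 section 2.1: select the full certificate or its
    SubjectPublicKeyInfo, apply the matching type, compare with the data."""
    selected = {SEL_FULL_CERT: cert_der, SEL_SPKI: spki_der}.get(rec.selector)
    if selected is None:
        return False
    if rec.matching_type == MATCH_EXACT:
        candidate = selected
    elif rec.matching_type == MATCH_SHA256:
        candidate = hashlib.sha256(selected).digest()
    elif rec.matching_type == MATCH_SHA512:
        candidate = hashlib.sha512(selected).digest()
    else:
        return False
    return candidate == rec.data


def usable(rec: TLSARecord) -> bool:
    """Records with usages, selectors or matching types this code does not
    implement are 'unusable' and ignored (trust-anchor usages 0 and 2 need
    the full chain, which is not modelled here)."""
    return (rec.usage in (USAGE_PKIX_EE, USAGE_DANE_EE)
            and rec.selector in (SEL_FULL_CERT, SEL_SPKI)
            and rec.matching_type in (MATCH_EXACT, MATCH_SHA256, MATCH_SHA512))


def dane_decision(records: List[TLSARecord], dnssec_validated: bool,
                  cert_der: bytes, spki_der: bytes,
                  presence_asserts_cert: bool = False) -> Tuple[str, bool]:
    """Return (verdict, may_fall_back_to_dialback).

    dnssec_validated: whether the resolver validated the TLSA answer (the AD
    bit from a validating resolver).  presence_asserts_cert: assumed switch
    for the thread's idea that merely having a TLSA record asserts 'I have a
    valid certificate, do not fall back to XEP-0220'.
    """
    if not records:
        return "no-tlsa", True                  # DANE says nothing
    if not dnssec_validated:
        if presence_asserts_cert:
            return "unsigned-assertion", False  # data untrusted, no dialback
        return "unsigned-ignored", True         # RFC 6698: ignore and warn
    candidates = [r for r in records if usable(r)]
    if not candidates:
        return "no-usable-tlsa", True           # treated as if absent
    if any(tlsa_matches(r, cert_der, spki_der) for r in candidates):
        # usage 1 (PKIX-EE) would additionally require PKIX validation
        return "dane-match", False
    return "dane-mismatch", False               # abort; never fall back silently


# Constructed sample input: stand-in bytes, not a real certificate
SAMPLE_CERT_DER = b"\x30\x82\x01\x00constructed-xmpp-server-cert"
SAMPLE_SPKI_DER = b"\x30\x59constructed-spki"

GOOD_RECORD = TLSARecord(USAGE_DANE_EE, SEL_FULL_CERT, MATCH_SHA256,
                         hashlib.sha256(SAMPLE_CERT_DER).digest())
SPKI_RECORD = TLSARecord(USAGE_DANE_EE, SEL_SPKI, MATCH_SHA512,
                         hashlib.sha512(SAMPLE_SPKI_DER).digest())
BAD_RECORD = TLSARecord(USAGE_DANE_EE, SEL_FULL_CERT, MATCH_SHA256, b"\x00" * 32)

if __name__ == "__main__":
    for recs, ad in [([], True), ([GOOD_RECORD], False),
                     ([GOOD_RECORD], True), ([BAD_RECORD], True)]:
        print(ad, dane_decision(recs, ad, SAMPLE_CERT_DER, SAMPLE_SPKI_DER))
```

Running the table in `__main__` shows the two outcomes the thread contrasts: with the switch off, an unsigned record is logged and ignored and dialback remains available; with it on, the same record blocks the XEP-0220 fallback even though its data is not trusted, which is exactly why an injected unsigned record becomes the denial of service the first message in the thread points out.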