[Standards] Unsigned DANE records for TLS assertions
dave at cridland.net
Tue Nov 26 12:20:21 UTC 2013
On Tue, Nov 26, 2013 at 12:04 PM, Tony Finch <dot at dotat.at> wrote:
> Dave Cridland <dave at cridland.net> wrote:
> > What I'm wondering is whether an initiator could use the presence of a
> > record to decide not to consider falling back to XEP-0220. In other
> > whether a domain could use them to assert that it has a valid
> The DANE drafts that I produced (for mail protocols) specified that
> clients should expect the server to have a valid certificate and should
> not fall back to unauthenticated or unencrypted connections.
Right, but that would assume the records are signed, correct?
I'm vaguely trying to work out, too, the relationship between XEP-0220
(which relies on an unspoofed DNS to operate) and unsigned TLSA records.
If, instead of XEP-0220, we used unsigned DANE, would this work just as
It's an interesting (to me) point, because going from unsigned TLSA to
either of signed TLSA (i.e., proper DANE) or a CA-signed authoritative
certificate (i.e., a proper cert) should be relatively smooth.
I suspect we still need to call back in the case of unsigned records and
self-signed certificates, because otherwise an attacker could spoof the DNS
and wouldn't need to stage a server. If they can stage a server and spoof
the DNS, then they can already spoof XEP-0220.
I do not know whether it's harder to spoof two co-related unsigned records
within the same zone, though.
I would note that an unsigned TLSA concept would implicitly mandate TLS -
as such, the right comparison is with XEP-0220 over TLS, rather than