Post AiQExjm3fB46SSZupU by huitema@social.secret-wg.org
(DIR) More posts by huitema@social.secret-wg.org
(DIR) Post #AiLFVqbbnaldhW9jZw by mnot@techpolicy.social
2024-05-28T01:45:52Z
1 likes, 1 repeats
Yes, please.https://blog.apnic.net/2024/05/28/calling-time-on-dnssec/
(DIR) Post #AiQExhQ0QCEl9UFHBA by huitema@social.secret-wg.org
2024-05-28T04:10:05Z
0 likes, 0 repeats
@mnot The Internet is always evolving, and Geoff is right that security-by-TLS has beaten security-by-DNSSEC hands down. But then TLS credentials depend on proof-by-DNS, and thus from the security of DNS resolution. If we want to ditch DNSSEC, it would be nice to have some theory on the security of DNS resolution that does not have a circular dependency on the security of TLS.
(DIR) Post #AiQExieZpVUEyy4QWu by jeroen@secluded.ch
2024-05-30T16:02:50Z
0 likes, 0 repeats
@huitema @mnot the answer maybe lies in DANE: replace the CAs with DNSSEC. Note also that we currently we have effectively only one CA: Let's EncryptAs long as the large corps do not move though, little will change, as most companies follow the big ones, even though they might need their tech...
(DIR) Post #AiQExji9tfwiGMknke by feld@bikeshed.party
2024-05-30T16:24:35.548258Z
0 likes, 0 repeats
@jeroen @huitema @mnot > Note also that we currently we have effectively only one CA: Let's EncryptCaddy and acme.sh default to ZeroSSL, not LetsEncrypt... So we have two that most people know about. A third is Buypass Go
(DIR) Post #AiQExjm3fB46SSZupU by huitema@social.secret-wg.org
2024-05-28T04:21:16Z
0 likes, 0 repeats
@mnot Geoff is also right that many of the efforts of the 90's did not exactly pan out. DNSSEC of course, but also BGPSEC which appears really hard to deploy, and IPSEC which has niche usage instead of being a fundational protocol. However, I think that completely replacing the end-to-end Internet by a CDN mediated infrastructure would enshrine CDN companies as gatekeepers. We should really think twice before swallowing that!
(DIR) Post #AiQUWqH8yvR24NJdbM by jeroen@secluded.ch
2024-05-30T16:29:26Z
0 likes, 0 repeats
@feld @huitema @mnot 71% of all certs issued are from ISRG/LetsEncrypt, ZeroSSL falls under "other" (<5%) as per https://ct.cloudflare.comBut indeed, ZeroSSL is an option and one can configure multiple SSL certs with different cert paths on the same HTTP host, in case one of them breaks. Backups are good to have
(DIR) Post #AiQUWqzoIrAEIuDJDs by huitema@social.secret-wg.org
2024-05-30T17:31:22Z
0 likes, 0 repeats
@jeroen @feld @mnot Dane pretty much means that the TLD managers set the policy. So we would get up to 1400 CA, probably much less because many orgs manage multiple TLDs. Still some competition, but changing CA would require changing name, and that's a big hurdle.
(DIR) Post #AiQUWri7e6bqWKwhI8 by jeroen@secluded.ch
2024-05-30T18:01:48Z
0 likes, 0 repeats
@huitema @feld @mnot TLDs can set policy, and they should, it is their TLD after all. Note that .dev already has mandatory HSTS.Changing domain names is horrible anyway; and using different nameservers in other TLD does not help that: delegation from TLD to domain not working, no domain at all.Thus that single domain/TLD risk exists already today, with SSL on top if there was an active component in checks (the CA not being revoked). DANE in theory could remove that...
(DIR) Post #AiQUWsc8HrPdK39Qau by huitema@social.secret-wg.org
2024-05-30T18:09:35Z
0 likes, 0 repeats
@jeroen @feld @mnot the domain operation depends on the TLD continuing to advertise the name, and neither Dane not PKI will change that. The failure mode of Dane is if the TLD registry somehow hacks the client domain DNS data, so that a hacker (or a state agency) can intercept the domain's traffic. The domain has to "trust" the TLD management, because there is not much they can do if the TLD managers start colluding with attackers.
(DIR) Post #AiQUWtQ7I1OXp4XLVI by jeroen@secluded.ch
2024-05-30T18:15:27Z
0 likes, 0 repeats
@huitema @feld @mnot good point, an adversary/hacked TLD could indeed change the DNSSEC keys and thus also swap out everything else including DANE TLS certs; would be a very easily caught (cert transparency)Similar to a rogue SSL CA issuing a wrong cert, they can make a private key and sign it with the CA as they are the CA. Would also need to attack DNS then though.Side effect of hierarchies.Would need multi-signer to avoid that.... and hope not all compromised.
(DIR) Post #AiQUWuKTuSTudsuMMK by huitema@social.secret-wg.org
2024-05-30T18:24:02Z
0 likes, 0 repeats
@jeroen @feld @mnot If a CA is caught playing games, they will be taken out of the trust list of lots of key software and the domains will just get certs from different CA. But if a TLD plays games, the only remedy for existing domain users is to change domain names. That's why many people are uneasy, especially when it comes to ccTLD.
(DIR) Post #AiQUWuw3ekXUWQUMvg by jeroen@secluded.ch
2024-05-30T18:31:35Z
0 likes, 0 repeats
@huitema @feld @mnot those lists are run by Mozilla (for Linux distro), Google (who own >80% of browser market) and la bit at Microsoft.... only a few mostly anonymous/inaccessible blobs with big legal departments. LetsEncrypt sponsored by... ah the above.ccTLDs tend to be covered by law of their local government; .com though is a US corporation.... I know I can walk into the SWITCH.ch offices ;) [and why my primary domain is .ch ;) ]But yes, complex...
(DIR) Post #AiQUWvpML8m7HwMX7w by feld@bikeshed.party
2024-05-30T19:18:48.516121Z
0 likes, 0 repeats
@jeroen @huitema @mnot .com, .net, and .org are all operated by Verisign who is happy to bend over for the federal government here and do whatever is asked of them