[Cryptography] Certificates and PKI
Viktor Dukhovni
cryptography at dukhovni.org
Sun Dec 21 14:19:44 EST 2014
On Sun, Dec 21, 2014 at 06:25:58PM +0100, Guido Witmond wrote:
> By promoting DANE support in the browsers. Install every DANE-validator
> plugin and enable the browser to spy on your plugin-list.
Yes, but we're not quite there yet. There's some work left to do
in this space:
* Who's writing non-toy DANE validator plugins for browsers?
Has the code in question been independently reviewed?
* With HTTP plus DANE, should the PKIX-TA(0)/PKIX-EE(1)
certificate usages be supported by browsers, or should
DANE-TA(2)/DANE-EE(3) be supported instead? Supporting both
essentially reduces the former to a less reliable version
of the latter, so a design choice needs to be made.
* More progress needs to be made on the DNSSEC last-mile
problem, and a number of large DNSSEC hosting registrars need
to fix broken nameserver implementations.
* Some middleboxen appear to drop TLSA queries over IPv4, but
allow same over IPv6.
* With other middleboxen an "NXDOMAIN" result is returned just
fine for "_25._tcp.mail.example.com IN A ?" and would have
worked for "_25._tcp.mail.example.com IN TLSA ?", were the
"TLSA" query not dropped.
* Over UDP, DNSSEC creates a greater DDoS exposure, that in
part is holding back adoption. Over TCP the latency cost of
doing 3-way handshakes for every lookup is too high. We
don't have MinimalT or similar deployed for DNS, but this
could potentially address the latency, confidentiality and
DDoS problems for DNSSEC. Of course rolling out a new
transport will take decades.
Solving the problem in theory is much easier than solving it in
practice...
--
Viktor.
More information about the cryptography
mailing list