[Cryptography] DNSSEC = completely unnecessary?

Guido Witmond guido at witmond.nl
Mon Nov 4 05:14:58 EST 2013


On 11/04/13 05:33, Greg wrote:
> In all my readings on it I kept walking away thinking that I
> understood its purpose, but I'd then come back at myself with the
> same question: what does it give us over HTTPS?
> 
> 
> http://www.circleid.com/posts/securing_a_domain_ssl_vs_dnssec/#5830 
> http://www.circleid.com/posts/securing_a_domain_ssl_vs_dnssec/#5841
> 
> Selected quotes:
> 
> Unfortunately, *DNSSEC isn't actually providing additional security 
> against a genuine MITM attack*: SSL/TLS is still the weak link in the
> chain when DNSSEC is used!
> 
> DNSSEC plus SSL/TLS is therefore /not/ defence in depth against 
> general MITM attacks.

I think these quotes are misleading. DNSSEC is designed to prevent
DNS-related attacks, reducing cache poisoning to a DoS attack.

> 
> [..]
> 
> No, that's precisely wrong. Cache poisoning isn't a serious threat if
> SSL/TLS is working correctly. In the presence of functional SSL/TLS,
> DNS cache poisoning can only produce a denial of service attack. The
> scenario we're trying to prevent is, "A thinks he is talking with B,
> but is actually talking with C." Cache poisoning can give A the
> address of C instead of B, which is a start, but C can't pass himself
> off as B unless he compromises the SSL/TLS process.
> 
> SSL/TLS provides end-to-end security. It catches DNS forgery. It 
> catches route hijacking. It catches an arbitrary man in the middle. 
> If SSL/TLS is working, every security compromise that DNSSEC can 
> prevent has already been covered, and then some.

I guess what this quote means is that two-way authenticated sessions, i.e.
client and server *remember* each other's public keys, don't need any
third party to recognize them at later connections. The problem is to
authenticate if you only know a domain name.

> 
> What say you, list? To me, the DNSSEC thing seems like it might be
> mostly a waste of a bunch of people's time.

Not at all a waste. I think it is the next best thing since sliced bread.

DNSSEC specifies the *intent* of the domain owner. A validated lookup
tells you which of the 160 CAs is the chosen one. It's the domain
owner's responsibility to run a monitoring script to detect rogue
DNS-registrars that send out wrong data, and publicly sentence those to
the internet death penalty.


If you don't trust your chosen CA, i.e., it might be coerced to sign a
fake cert by an 'authority', create your own Root Key (on a smart card)
and use that for your server certificate.

The thing that is important is that the browsers must NOT look at the
'trusted' CA-list anymore!


Guido.
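The mechanism Guido describes, publishing in DNSSEC-signed DNS which key or CA the domain owner intends, is what DANE TLSA records (RFC 6698) standardize. As an added example that is not part of the original post, the following Python models how a client checks a server certificate against TLSA records; the certificate and SubjectPublicKeyInfo bytes are constructed placeholders, and only the end-entity usages (1 and 3) are handled.

```python
import hashlib
from dataclasses import dataclass

# TLSA certificate usages (RFC 6698, section 2.1.1). With usage 3 the signed
# record alone identifies the server key; the browser's CA list is not consulted.
PKIX_TA, PKIX_EE, DANE_TA, DANE_EE = 0, 1, 2, 3

@dataclass(frozen=True)
class TLSA:
    usage: int
    selector: int   # 0 = full certificate DER, 1 = SubjectPublicKeyInfo DER
    matching: int   # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes

def parse_tlsa(rdata: str) -> TLSA:
    """Parse TLSA presentation format, e.g. '3 1 1 <hex digest>'."""
    usage, selector, matching, hexdata = rdata.split(None, 3)
    return TLSA(int(usage), int(selector), int(matching),
                bytes.fromhex(hexdata.replace(" ", "")))

def association_data(rec: TLSA, cert_der: bytes, spki_der: bytes) -> bytes:
    """Compute what the record's data field must equal for this certificate."""
    selected = cert_der if rec.selector == 0 else spki_der
    if rec.matching == 0:
        return selected
    if rec.matching == 1:
        return hashlib.sha256(selected).digest()
    if rec.matching == 2:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unknown matching type {rec.matching}")

def dane_accepts(records, cert_der, spki_der, dnssec_validated, pkix_ok) -> bool:
    """True if an end-entity (usage 1 or 3) record vouches for the certificate."""
    if not dnssec_validated:
        return False   # unvalidated records are treated as absent: fall back to PKIX
    for rec in records:
        if rec.usage not in (PKIX_EE, DANE_EE):
            continue   # trust-anchor usages need chain walking, not modelled here
        if association_data(rec, cert_der, spki_der) != rec.data:
            continue
        if rec.usage == PKIX_EE and not pkix_ok:
            continue   # PKIX-EE still requires the CA chain to validate
        return True
    return False

# Constructed stand-ins for a real certificate and its SubjectPublicKeyInfo.
CERT_DER = b"constructed-certificate-der-bytes"
SPKI_DER = b"constructed-subject-public-key-info"
DANE_EE_RECORD = parse_tlsa("3 1 1 " + hashlib.sha256(SPKI_DER).hexdigest())
PKIX_EE_RECORD = parse_tlsa("1 0 2 " + hashlib.sha512(CERT_DER).hexdigest())
```

With usage 3 (DANE-EE) the record match alone decides and the CA list plays no part, which is the behaviour Guido argues for; usage 1 (PKIX-EE) only narrows which certificate an otherwise valid CA chain may present.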

