[Cryptography] Certificates and PKI

Viktor Dukhovni cryptography@dukhovni.org
Tue Dec 23 11:54:52 EST 2014

On Tue, Dec 23, 2014 at 10:56:47AM +0000, Ben Laurie wrote:

> > Not "magically", but systematically. Every domain owner has chosen a
> > registry, and possibly a registrar (some registries do not have registrars).
> > There is an established business relationship with the registry that means
> > that you trust them with serving your name correctly. There is fate-sharing
> > between the name you registered and the contents that the registry
> > advertises. Given that fate-sharing, they are in a position to attach any
> > DNS-specific semantics to your name, such as the DS records.
> I'm not getting the distinction you're making here. This sounds pretty
> much exactly like the relationship you have with a CA...

But it very much is not, because you don't acquire and retain
ownership of a domain through a CA, and every CA can issue
certificates, not just the one you're paying to do so.

Domain control *is* having your domain registered to you, through
some registrar/registry.  Paying a CA for a certificate for a domain
is NOT domain control.

Ben, there are various obstacles to widespread use of DANE today,
I mentioned most of them, but being less secure for DV than a CA
is *not* one of them.  On the contrary, DV by a CA is strictly
weaker, since control of registration or ability to make DNS changes
gets you a DV cert.  

The new Let's Encrypt initiative (an example soon-to-be CA) will,
I fear, not take into account the DNSSEC status of domains, and
thus issue DV certs based on the MiTM-vulnerable ability to respond to
insecure email for admin@example.com or spin up an unauthenticated
HTTP or HTTPS site.

So, I think you're being a bit obstinate on this one, let's discuss
something more substantive.

