[Cryptography] Doing DNS properly Re: Apple's iCloud+ "VPN"
Viktor Dukhovni
cryptography at dukhovni.org
Mon Jun 28 15:21:45 EDT 2021
> On 28 Jun 2021, at 2:37 pm, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
>
> Using DANE via DNS resolution is never gonna happen. It is silly to think it could. There is no way that google is going to delay connecting to a page while it waits for TLSA round trips to complete.
Latency has nothing to do with it. They wait for A/AAAA lookups to complete, and
the TLSA lookup can be done in parallel with the A/AAAA lookup, and even overlap
the connection establishment. The TLSA RRs are only needed at the point at which
the server certificate chain is being validated.
There is however a real obstacle, which is that various captive portals, and shitty
ISP-provided CPEs get in the way of end-to-end DNSSEC. This does mean that the
user's stub resolver needs a way to bypass the local network, just as it would
for your non-DNS protocol.
Basically, the obstacle is that edge-network providers mediate DNS resolution.
There are both good and bad reasons for them to do that. The real world is full
of messy trade-offs. :-(
--
Viktor.
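The overlap described in the reply (issue the TLSA query alongside A/AAAA, consume the RRset only when the server certificate is being validated) is easy to show in code. The following is an added example, not code from the post or from any DANE implementation: the resolvers are simulated with asyncio sleeps, the certificate and SubjectPublicKeyInfo bytes are constructed placeholders rather than real DER, and only the DANE-EE(3) usage is handled. The TLSA matching helper follows the selector and matching-type semantics of RFC 6698; the "slow TLSA" resolver is deliberately slower than A/AAAA to make the overlap visible in the event log.

```python
import asyncio
import hashlib

# Constructed sample data: NOT a real certificate or SPKI, just bytes standing
# in for DER so the hashing/matching logic can run offline.
FAKE_CERT_DER = b"\x30\x82\x01\x00constructed-certificate-der"
FAKE_SPKI_DER = b"\x30\x81\x9f\x30\x0d\x06\x09constructed-spki-der"

# TLSA RDATA fields (RFC 6698): usage, selector, matching type, association data.
USAGE_DANE_EE = 3         # trust this end-entity key/cert directly
SELECTOR_FULL_CERT = 0
SELECTOR_SPKI = 1
MATCH_EXACT = 0
MATCH_SHA256 = 1
MATCH_SHA512 = 2


def tlsa_association_data(cert_der, spki_der, selector, matching_type):
    """Compute the association data a TLSA record would carry for this cert."""
    data = cert_der if selector == SELECTOR_FULL_CERT else spki_der
    if matching_type == MATCH_EXACT:
        return data
    if matching_type == MATCH_SHA256:
        return hashlib.sha256(data).digest()
    if matching_type == MATCH_SHA512:
        return hashlib.sha512(data).digest()
    raise ValueError("unknown matching type")


def tlsa_matches(cert_der, spki_der, rr):
    """True if the (usage, selector, mtype, cad) record matches the leaf cert.
    Only DANE-EE(3) is implemented here; PKIX-* and DANE-TA usages need chain
    processing that this example omits."""
    usage, selector, mtype, cad = rr
    if usage != USAGE_DANE_EE:
        return False
    try:
        return tlsa_association_data(cert_der, spki_der, selector, mtype) == cad
    except ValueError:
        return False  # unusable record: unknown matching type


async def lookup_a_aaaa(name, log):
    log.append("A/AAAA lookup started")
    await asyncio.sleep(0.02)                 # simulated resolver latency
    log.append("A/AAAA lookup done")
    return ["192.0.2.1", "2001:db8::1"]       # constructed documentation addresses


async def lookup_tlsa(name, port, log):
    log.append("TLSA lookup started")
    await asyncio.sleep(0.2)                  # deliberately much slower than A/AAAA
    log.append("TLSA lookup done")
    return [(USAGE_DANE_EE, SELECTOR_SPKI, MATCH_SHA256,
             hashlib.sha256(FAKE_SPKI_DER).digest())]


async def connect_with_dane(name, port=443):
    log = []
    # Fire the TLSA query first; nothing waits on it yet.
    tlsa_task = asyncio.create_task(lookup_tlsa(name, port, log))
    addrs = await lookup_a_aaaa(name, log)
    log.append(f"TCP connect to {addrs[0]}")  # real code: socket + TLS handshake
    await asyncio.sleep(0.01)
    log.append("server certificate received")
    # The TLSA RRset is first needed here, at chain validation time.
    rrs = await tlsa_task
    log.append("TLSA RRset consumed for validation")
    ok = any(tlsa_matches(FAKE_CERT_DER, FAKE_SPKI_DER, rr) for rr in rrs)
    log.append("DANE validation " + ("passed" if ok else "failed"))
    return ok, log


def run_demo():
    """Returns (validation_ok, event_log) for a hypothetical name."""
    return asyncio.run(connect_with_dane("_443._tcp.example.com"))


if __name__ == "__main__":
    ok, log = run_demo()
    for line in log:
        print(line)
```

In the event log the TLSA lookup starts before the address lookup finishes and only blocks the client after the certificate has arrived, which is the point of the reply: the extra round trip costs nothing unless it is slower than DNS plus the TCP/TLS handshake combined.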