On Thu, May 30, 2013 at 6:13 AM, Jakob Schlyter <[email protected]> wrote:
> On 30 May 2013, at 10:09, Christian Heutger <[email protected]> wrote:
>
> > I support your point of view, however domain validation also has some
> > advantages with public certificates over DANE. The requirement for
> > renewing (create new private key), the instant revoke with CRL and OCSP
> > (against caching DNS) but finally also to aware against hackers and
> > spammers. So if you look at DANE, everyone can run a valid site with https
> > and e.g. spread malware through that as often https traffic is not scanned
> > and usually be trusted, like recently mentioned phishing attacks. In
> > addition with SMTP over TLS running mail servers, the assumption would be
> > that it is a valid mail server. If everyone can go with SMTP over TLS,
> > giving more trust to valid SMTP connections will be undergone.
>
> The additional services you mention are optional and not part of WebTrust
> and/or ETSI certifications. There is no guarantee that such services are
> performed on services served under a classic PKI certificate.
>
> Regarding revocation we've seen too many examples where CRLs are not
> checked properly by the clients and/or OCSP responders are not responding
> (or responding so slowly that users disable them). This might not be how the
> PKI infrastructure was designed, but it is the reality.
>
> Anyone can do SMTP with TLS today and most (sane) mail servers do that.
> Without classic PKI. And the SMTP servers they talk to do no validation
> whatsoever. DANE can only make things better here.

I agree with Jakob here but for a slightly different set of reasons.

First and most important, SMTP certs are only ever seen by SMTP clients, which are almost always MTAs in the modern Internet. It is not possible to send SMTP on port 25 from 95% of IP addresses. You have to use submit. So even if someone wanted to put a user experience onto STARTTLS they can't. And doing so would be a silly idea because STARTTLS is not end-to-end at the receiver.

So STARTTLS is an application where we only ever require confirmation of the DNS name and nothing more. There is no need for accountability in a receiver. There is no need to validate a claim to a real-world identity and reputation.

The Web is a very different environment because many sites do accept payments and phishing is a threat. We are finding that the number of sites that require accountability or establishing an identity or external reputation claim is actually greater than the number of sites with CA certs. So reducing the validation criteria to nothing more than a domain name check is really not acceptable for those Web applications.

DANE is certainly relevant for the 95%+ of Web sites without any TLS at all. Just as anything is better than a self-signed unbound cert, anything is better than no crypto. Just don't tell people to have confidence in it. Do the crypto and don't mention that you did.

Whatever techies think the padlock icon SHOULD mean, the only meaning the users will ever understand is 'I am safe'. So unless you think DANE alone makes people SAFE then there should be no user interface.

The main reason that the WebPKI is designed the way that it is is that Marc Andreessen wanted to tell people that it is safe to shop online and the Netscape lawyers told him that they were not going to let him take that liability. Rather ironically, SSL was Marc's real contribution to the Web. He gets no credit for it for two reasons. First he had a non-compete with EIT that stopped him working on security (ever wondered why they chose Kipp knowing he had no crypto experience?). Second, well you all know that one.

The liability concern is still there. Any browser provider that tells their users that it is safe to use a site validated on DANE alone is accepting an indeterminate liability. [I think they are also kind of blowing it by not implementing revocation checking properly but that is an easy fix for them. One morning there will be some case and some lawyer will say 'hardfail OCSP'. And suddenly a bunch of CAs with rubbish OCSP responders are going to be finding that they have to fix them before they get their roots renewed.]

Which gets me back to STARTTLS and certs there. Sure DANE is better than nothing and it is actually a good fit administratively. As a commercial model it makes perfect sense for CAs to package DNSSEC administration up with SSL certage and why not present through DNS and DANE? It's a good sales package for the CAs to offer. But I would not want to offer that package without putting the standard disclaimers and warranties etc. in the certificate or else my liability is going to be a problem.

And I am probably going to want to offer something for the outbound mail server as well (using DKIM) where accountability is a real issue and so the customer would want the cert issued off a public root.

So yes, DANE is synergistic with SMTP but it is an adjunct to rather than a replacement for traditional PKI.

--
Website: http://hallambaker.com/
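As an added illustration of the "confirmation of the DNS name and nothing more" point made above (this is example code, not from the original thread or any DANE implementation), a small Python evaluator for end-entity TLSA records per RFC 6698: a DANE-EE record (usage 3) is accepted on the DNS-published association alone, while a PKIX-EE record (usage 1) additionally requires a valid WebPKI chain. The certificate and SubjectPublicKeyInfo byte strings are constructed stand-ins, and the pkix_valid flag stands in for a chain validation performed elsewhere.

```python
import hashlib
from dataclasses import dataclass

# Constructed stand-ins (not from the original mail) for the DER-encoded
# end-entity certificate and its SubjectPublicKeyInfo, as a DANE-aware SMTP
# client would take them from the STARTTLS handshake.
SAMPLE_CERT_DER = b"constructed-der-certificate-bytes"
SAMPLE_SPKI_DER = b"constructed-der-subjectpublickeyinfo-bytes"


@dataclass(frozen=True)
class TLSA:
    usage: int     # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE (RFC 6698)
    selector: int  # 0 full certificate, 1 SubjectPublicKeyInfo
    mtype: int     # 0 exact bytes, 1 SHA-256, 2 SHA-512
    data: bytes    # certificate association data


def parse_tlsa(rdata: str) -> TLSA:
    """Parse zone-file presentation format, e.g. '3 1 1 <hex>' (hex may contain spaces)."""
    parts = rdata.split()
    return TLSA(int(parts[0]), int(parts[1]), int(parts[2]), bytes.fromhex("".join(parts[3:])))


def assoc_data(selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> bytes:
    """Derive the association data a record would carry for this certificate."""
    selected = {0: cert_der, 1: spki_der}[selector]
    digest = {0: lambda b: b,
              1: lambda b: hashlib.sha256(b).digest(),
              2: lambda b: hashlib.sha512(b).digest()}[mtype]
    return digest(selected)


def make_tlsa(usage: int, selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> str:
    """Presentation-format record an operator would publish for this certificate."""
    return f"{usage} {selector} {mtype} {assoc_data(selector, mtype, cert_der, spki_der).hex()}"


def check_ee(record: TLSA, cert_der: bytes, spki_der: bytes, pkix_valid: bool):
    """Evaluate an end-entity TLSA record against the presented leaf certificate.

    Returns (accepted, reason). Trust-anchor usages (0 and 2) need the whole
    chain and are deliberately out of scope for this check.
    """
    if record.usage not in (1, 3):
        return False, "trust-anchor usage not handled by this check"
    if record.data != assoc_data(record.selector, record.mtype, cert_der, spki_der):
        return False, "association data does not match presented certificate"
    if record.usage == 1 and not pkix_valid:
        return False, "PKIX-EE also requires a valid WebPKI chain"
    return True, ("DANE-EE: DNS name binding only" if record.usage == 3
                  else "PKIX-EE: WebPKI chain and DNS record agree")
```

The DANE-EE path shows the author's point: the only thing established is that the DNS-published key matches the one presented, with no identity or accountability claim behind it.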
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
