On Thu, Jul 02, 2015 at 06:40:45PM +0300, Yoav Nir wrote:
> > What prevents IP address hijacking (mallory.example publishes
> > alice.example's IP address and now mallory's IPSEC keys are used
> > to encrypt traffic to alice)?
>
> Not sure I follow. Mallory publishes
> - mallory.example.com IN A 192.0.2.5
> - mallory.example.com IN TLSA ....
>
> But there's also
> - alice.example.com IN A 192.0.2.5
> - alice.example.com IN TLSA ....
>
> So Mallory can push people looking for his IPsec entity to go to Alice's
> IPsec entity.
No, Mallory might be able to hijack the traffic keys to 192.0.2.5 (Alice's IP address), and then MiTM the traffic in question (BGP attack or equivalent). If there's no risk of MiTM, just do anon-DH and you're done, no need for a PKI.

--
Viktor.

_______________________________________________
dane mailing list
dane@ietf.org
https://www.ietf.org/mailman/listinfo/dane