On Sat, Nov 23, 2013 at 1:37 PM, Michal 'vorner' Vaner vor...@vorner.cz wrote:
> Hello
>
> On Fri, Nov 22, 2013 at 10:07:51AM +, Dave Cridland wrote:
>> - If an attacker removes the record by fiddling with the DNS, then they
>> can mount an MITM attack. Note that they can also fiddle the DNS into
>> redirecting the connection too. It's not clear if this makes things any
>> harder than before.
>> - If an attacker adds in a TLSA record, this could act as a denial of
>> service.
>>
>> On reflection, I'm not sure if this is actually an overall benefit, but I
>> thought I'd throw the idea out.
>
> I didn't read the RFC, but my impression was that it mandated that TLSA is
> always signed by DNSSEC. So, the right thing should probably be to ignore
> and warn about unsigned TLSA records, not to honor them.
Yes, that'd be the spec's preference.
What I'm wondering is whether an initiator could use the presence of a TLSA
record to decide not to consider falling back to XEP-0220. In other words,
whether a domain could use them to assert that it has a valid certificate.
The spec doesn't say so - the spec is heavily geared toward HTTPS, where
opportunistic encryption constructs, as are used in XMPP, don't really
exist at all.
Dave.
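The check discussed in this exchange, as an added example that is not code from the thread or from any XMPP implementation: it parses a TLSA record as laid out in RFC 6698, applies the policy Michal suggests (ignore and warn on a TLSA answer without the DNSSEC AD flag, honor a signed one), and matches the peer certificate against the record. Only usage 3 (DANE-EE) is handled, and the record, certificate and SPKI bytes are constructed placeholders rather than real DNS or TLS data.

```python
import hashlib
import struct
from typing import Optional, Tuple

# TLSA RDATA layout (RFC 6698): usage, selector, matching type, association data.
def parse_tlsa(rdata: bytes) -> Tuple[int, int, int, bytes]:
    usage, selector, mtype = struct.unpack("!BBB", rdata[:3])
    return usage, selector, mtype, rdata[3:]

def tlsa_matches(rdata: bytes, cert_der: bytes, spki_der: bytes) -> bool:
    """True if the presented certificate satisfies the TLSA association."""
    usage, selector, mtype, assoc = parse_tlsa(rdata)
    if usage != 3:
        # Usages 0-2 need a PKIX chain check as well; deliberately not handled here.
        raise ValueError(f"unsupported TLSA usage {usage}")
    data = cert_der if selector == 0 else spki_der  # 0 = full cert, 1 = SPKI
    if mtype == 0:
        digest = data
    elif mtype == 1:
        digest = hashlib.sha256(data).digest()
    elif mtype == 2:
        digest = hashlib.sha512(data).digest()
    else:
        raise ValueError(f"unsupported matching type {mtype}")
    return digest == assoc

def decide(rdata: Optional[bytes], ad: bool, cert_der: bytes, spki_der: bytes) -> str:
    """Initiator policy from the thread.

    no-tlsa          : nothing asserted; existing behaviour (e.g. dialback fallback)
                       applies. Without DNSSEC, removal of the record is undetectable.
    unsigned-ignored : TLSA present but the resolver did not set AD; warn, do not honor.
    match / mismatch : signed record honored and compared against the certificate.
    """
    if rdata is None:
        return "no-tlsa"
    if not ad:
        return "unsigned-ignored"
    return "match" if tlsa_matches(rdata, cert_der, spki_der) else "mismatch"

# Constructed sample data standing in for DER-encoded certificate and SPKI.
SAMPLE_CERT = b"constructed-cert-der"
SAMPLE_SPKI = b"constructed-spki-der"
# Constructed record: usage 3, selector 0 (full cert), matching type 1 (SHA-256).
SAMPLE_RDATA = bytes([3, 0, 1]) + hashlib.sha256(SAMPLE_CERT).digest()

if __name__ == "__main__":
    print(decide(SAMPLE_RDATA, True, SAMPLE_CERT, SAMPLE_SPKI))
```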