upvote

points

by indolering3 hours ago |
comments
upvoteby twelvedogs2 hours ago|
next
[-]
The difference is DNS provides a fairly obvious up side
reply
upvoteby growse3 hours ago|
prev|
[-]
> As if DNS isn't a major contributing to A LOT of downtime. That doesn't mean it's not worth doing not investing in making deployment more seamless and less error prone.

Ah yes. Let's take something that's prone to causing service issues and strap more footguns to it.

It's not worth it, because the cost is extremely quantifiable and visible, whereas the benefits struggle to be coherent.

reply
upvoteby indolering2 hours ago|
parent|
[-]
The benefits are huge: there are lots of attacks that DNSSEC trivially prevents and it would help secure more than just web browsers.
reply
upvoteby ekr____1 hours ago|
parent|
[-]
Can you expand on this a bit, under the assumption that the traffic is using some form of transport security (e.g., TLS, SSH, etc.)?
reply
upvoteby indolering35 minutes ago|
parent|
[-]
DNS underlies domain authority and the validity of every connection to every domain name ultimately traces back to DNS records. The amount of infra needed to shore up HTTPS is huge and thus SSH and other protocols rely on trust-on-first-use (unless you manually hard-code public keys yourself - which doesn't happen). DNS offers a standard, delegable PKI that is available to all clients regardless of the transport protocol.

With DNSSEC, a host with control over a domain's DNS records could use that to issue verifiable public keys without having to contact a third party.

I ran into this while working on decentralized web technologies and building a parallel to WebPKI just wasn't feasible. Whereas we could totally feed clients DNSSEC validated certs, but it wasn't supported.

reply
upvoteby ekr____26 minutes ago|
parent|
[-]
Thanks for the explanation. It seems like there are two cases here:

1. Things that use TLS and hence the WebPKI 2. Other things.

None of what you've written here applies to the TLS and WebPKI case, so I'm going to take it that you're not arguing that DNSSEC validation by clients provides a security improvement in that case.

That leaves us with the non-WebPKI cases like SSH. I think you've got a somewhat stronger case there, but not much of one, because those cases can also basically go back to the WebPKI, either directly, by using WebPKI-based certificates, or indirectly, by hosting fingerprints on a Web server.

reply
upvoteby indolering6 minutes ago|
parent|
next
[-]
> None of what you've written here applies to the TLS and WebPKI case, so I'm going to take it that you're not arguing that DNSSEC validation by clients provides a security improvement in that case.

It would benefit the likes of Wikileaks. You could do all the crypto in your basement with an HSM without involving anyone else.

> That leaves us with the non-WebPKI cases like SSH. I think you've got a somewhat stronger case there, but not much of one, because those cases can also basically go back to the WebPKI, either directly, by using WebPKI-based certificates, or indirectly, by hosting fingerprints on a Web server.

But do they? That requires adding support for another protocol.

I would like to live in a world where I don't have to copy/paste SSH keys from an AWS console just to have the piece-of-mind that my SSH connection hasn't been hijacked.

reply
upvoteby tptacek18 minutes ago|
parent|
prev|
[-]
In practice, fleet operators run their own PKIs for SSH, so tying them to the DNSSEC PKI is a strict step backwards for SSH security.

There may be other applications where a global public PKI makes sense; presumably those applications will be characterized by the need to make frequent introductions between unrelated parties, which is distinctly not an attribute of the SSH problem.

reply
upvoteby indolering40 seconds ago|
parent|
[-]
And for everyone else that just wants to connect to an SSH session without having to setup PKI themselves? Tying that to the records used to find the domain seems like the obvious place to put that information to me!

DNSSEC lets you delegate a subtree in the namespace to a given public key. You can hardcode your DNSSEC signing key for clients too.

Don't get me started on how badly VPN PKI is handled....

reply