John C Klensin <john(_at_)jck(_dot_)com> wrote:
> Please correct me if I'm wrong, but it seems to me that
> DANE-like approaches are significantly better than traditional
> PKI ones only to the extent to which:
>
> - The entities needing or generating the certificates
>   are significantly more in control of the associated DNS
>   infrastructure than entities using conventional CAs are
>   in control of those CAs.
>
> - For domains that are managed by registrars or other
>   third parties (I gather a very large fraction of them at
>   the second level), whether one believes those registrars
>   or other operators have significantly more integrity and
>   are harder to compromise than traditional third party CA
>   operators.

Yes, but there are some compensating pluses:

You can get a meaningful improvement to your security by good choice of
registrar (and registry if you have flexibility in your choice of name).
Other weak registries and registrars don't reduce your DNSSEC security,
whereas PKIX is only as secure as the weakest CA.

DNSSEC has tricky timing requirements for key rollovers. This makes it
hard to steal a domain without causing validation failures.

An attacker can use a compromise of your DNS infrastructure to get a
certificate from a conventional CA, just as much as they could compromise
DNSSEC-based service authentication.

Tony.
--
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.