Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Once we have DNSSEC (it'll be there RSN, with the Hurd and DNF supporting it out of the box) we should just put the cert (fingerprint) into DNS and be done with it.
please move this stuff into DNS
Posted Dec 25, 2008 14:11 UTC (Thu) by TRS-80 (subscriber, #1804)
To get rid of CAs for basic cert uses, which is protecting passwords from being sent in the clear, Mozilla should be implementing and advocating RFC 5054, TLS/SRP, however NSS (a Mozilla subproject) won't add it until Mozilla does the UI work, but Mozilla wants to do the UI work as extensions, so needs NSS done first.
Posted Dec 25, 2008 20:15 UTC (Thu) by quotemstr (subscriber, #45331)
For vain reasons, it'll never be used: web designers like being able to specify how their login boxes look.
Posted Dec 26, 2008 2:23 UTC (Fri) by TRS-80 (subscriber, #1804)
Anyway, for web designers HTML 5 offers a way to have HTML login forms for HTTP auth.
Posted Dec 26, 2008 3:18 UTC (Fri) by drag (subscriber, #31333)
It just strikes me as a bit lazy. Not a lot lazy as the SSL/TLS stuff is difficult to get right. But for as long as this stuff has been out it should be fairly simple to do.
Posted Dec 26, 2008 3:36 UTC (Fri) by TRS-80 (subscriber, #1804)
Security problems with CAs
Posted Dec 26, 2008 13:21 UTC (Fri) by vonbrand (subscriber, #4458)
Sad fact is that really checking is expensive, and CAs aren't in the business of "wasting" money to then turn a paying customer away... plus certificates are the same whether they are meant to protect (probably not very interesting) email from prying eyes, commercial transactions in the range of a few tens of dollars, or multi-million dollar movements. The association of the "personal" certificate with all sorts of identifying data makes the planned use of those a privacy nightmare. The whole concept is deeply flawed. For an in-depth discussion of the current issues, look at Peter Gutmann's PKI tutorial (a large PDF presentation).
Posted Dec 26, 2008 8:27 UTC (Fri) by weasel (subscriber, #6031)
Unfortunately the article you link to only states the same fact as you, and does not even try to give an explanation, reason or argument.
At least ssh appears to be able to figure out if information it gets from DNS is secure or not. It does that by checking the AD bit in the dns response (see dns.c in its source and the VerifyHostKeDNS entry in the ssh_config manpage).
Posted Dec 28, 2008 23:40 UTC (Sun) by jamesh (guest, #1159)
If I set up a public wifi network, I could easily provide a DNS server that said every record was secure and use DHCP options to get machines that connect to use that server. How would OpenSSH be able to tell the difference between this network and a secure network where the responses from the DNS server can be trusted?
So there seem to be real problems with applications trusting DNSSEC results given the types of networks people connect to these days ...
Posted Dec 30, 2008 14:40 UTC (Tue) by tialaramex (subscriber, #21167)
On a laptop I can choose to run a local DNS server, which implements DNSSEC and (as soon as the root is signed) get a complete end-to-end chain. Perhaps you don't know anybody who does this today, and perhaps in five years you won't know anybody who doesn't.
On a moderately secure wired LAN (or suitably protected wireless one) I can provide a local DNS server and sacrifice the last hop security for improved performance from the shared cache.
What's much nicer about using DNSSEC for this is then all I'm relying on is the immediately evident hierarchy, thus...
physics.soton.ac.uk relies on the root, then the UK government and its DNS operator Nominet, the JaNET (UK academic network) management & operator, and the University (of Southampton)'s management and systems team. This makes sense - it's almost the same hierarchy that issued the machine with an IP address.
Whereas with current CA-based SSL physics.soton.ac.uk may well rely on the integrity of a cheap reseller from Taiwan, who acts as a front for an outfit in California, which in fact subcontracts the technical work to a small business in Finland run by a 14 year old girl. But I can't tell any of that, all I get is a picture of a padlock.
DNSSEC can be leveraged to deliver secure-by-default to the web, something which I think would be more revolutionary than most people realise.
Posted Dec 31, 2008 5:37 UTC (Wed) by jamesh (guest, #1159)
Until we get to the point where people get a secure DNS resolver installed by default, it doesn't make sense for application developers to trust the DNS response by default. Relying on a pre-shared public key gives the application much better assurance (even if this assurance is weaker than what they'd get from a properly verified DNSSEC response).
Perhaps if an operating system installed a DNS resolver that performed the necessary checks by default, it would make sense for applications to trust the response flags. But until that point, applications are better off using some other trust mechanism.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds