Since most domain-owners/holders send their CSR (cert signing request) to their choice of public CA over unencrypted emails, if these emails are intercepted by such entity/group who is/are capable of doing so, ... then can those entities/groups use such CSR file to obtain an alternative cert from another 3rd party or compromised public CA cert ? and then, can they do/run various types of MITM, exploitations, spoofing, forwarding, surveillance, data-collection, DPI (deep packet inspection) type of devices (or servers), etc ?
Common/Public CA entities should either get CSR over TLS encrypted pages from domain-owner, or, over GPG/PGP encrypted emails. And should domain-owner(s) move all CSR, csr.pem, prv.key, prv.key.pem, etc files to an external removable portable (and preferably hot-pluggable) storage device which has encrypted partition ? when dealing with, either their own Private self-signed Root CA, IA (Intermediate Authority), i-CA etc type of cert, or, when dealing with public CA signed cert, unless it is a end-entity server cert related prv.key file, as server/service software needs end-entity server cert's prv.key. I understand, it is possible to obtain same domain-name based SSL cert from a 3rd party CA, and use in middle and run a fake same domain-name server. And if TLSA (aka, DANE) dns record declares/publishes what exact SSL cert is trusted by the domain-owner/holder, then web-browser clients which can/will check it, can make sure what is the correct SSL cert. So that is a very large +point numbers for DANE's advantage, to use very correct SSL cert for securing the communication. But, what type of other problems exist with current PKI implementations ? and, How DANE and which other DNSSEC aspects can solve it slightly better ? -- Bright Star. Received from Jakob Schlyter, on 2013-05-30 12:37 AM: > On 30 maj 2013, at 04:24, Rick Andrews <[email protected]> wrote: > >> Is there another list that's right for discussing the merits and demerits of >> the different DANE options? I work for a CA, so of course I believe that the >> current PKI is *not* irreparably broken, nor do I agree that modes 2 and 3 >> are "substantially more robust". Because I believe your voice is respected >> in this forum, I wanted to speak up to make it clear that this opinion is >> not shared by all. > > Unless the chairs do not object, I believe this mailing list is a good place > to discuss this matters. > > IMHO, classic PKI augmented by DANE would be a very strong package. However, > I would argue that without the extra identity proofing and other controls set > by by Extended Validation (EV), DANE has equally security properties to a > plain Domain Validation (DV) certificate. > > For a foreseeable future, we definitely need to combine DANE with classic PKI > in order for the general Internet user to be able to validate certificates. > For limited deployments, or applications where classic PKI has not yet gained > significant traction (such as TLS for SMTP), a pure DANE solution makes sense > (unless EV is required). > > jakob > > _______________________________________________ > dane mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dane >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
