On Sat, Apr 18, 2015 at 12:10:55AM +0100, Stephen Farrell wrote:
> On 17/04/15 17:39, Viktor Dukhovni wrote:
>
> > Well, though I don't know why we'd care protecting about the address
> > records also (given routing layer attacks), ... There is (full
> > disclosure) a corner case where the address records are not secure,
> > but the TLSA records are.
>
> Right, that's what I was wondering about.
Almost no domains lie in this corner case.
> I think the question for the WG is whether or not to
> note that that allows for potential traffic re-direction
> and traffic analysis of the TLS protected data.
I don't see why opportunistic DANE TLS for SMTP should attempt to
protect against this "attack", which even mandatory TLS for HTTPS
ignores. The folks interested in traffic analysis will learn what
they need whether the IP addresses are forged or not. In fact I
rather doubt they'd want to be that visible just for traffic
analysis.
> You are also correct that this could be done via BGP (and
> is perhaps more likely to be done) but if one was worried
> about this, then the error could also be done at this level
> (as shown by your example) which is an argument to call
> this out but not get into BGP issues.
I'd prefer to not discuss this side-track in the draft.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
