On 25.03.20 at 02:50, Paul Wise wrote:
> On Tue, 2020-03-24 at 15:48 +0100, Elmar Stellnberger wrote:
>> I hope this is gonna happen anytime soon. DANE and thus a valid TLSA
>> record is of very high value and importance for getting a genuine
>> download of Debian. As I have mentioned before downloads via Tor can be
>> spoofed like my last Debian Live 10 download which turned out to be
>> infected by debcheckrooting against the Debian 10 DL-BD.
>
> TBH, very few people care about DNSSEC and vastly fewer than that care
> about DANE so I expect at some point support for both will disappear
> from both the DNS root servers and all DNS software.
>
> You shouldn't be relying on DNSSEC/DANE/TLS to verify Debian image
> downloads anyway, since they have OpenPGP signatures:

OpenPGP is no solution to the issue. You need to download the public
key and this is usually done over insecure https without DANE.
Furthermore, it is a vibrant issue that the private key can be stolen
even if it is stored offline. How does Debian guard its private key? Is
the key used to sign Debian CD images kept offline? What security
measures apply?
DANE is not gonna disappear. There is no DANE support for the www yet
but mail servers do increasingly use DANE. Many public hosters support
DNSSEC these days and adding a TLSA record is usually little work if you
are in possession of the server infrastructure. Third, as we have a
tool to download over DANE/https now (a̅tea) I would suggest that we
should make use of it. According to my experience use of DANE is the
only way around this security nightmare. It has proven to hold strong
and secure in practice. DANE per se will never disappear as it is the
decision of the server maintainers whether to provide a TLSA record or
not. DNSSEC per se is used more than DANE.
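The thread keeps returning to what a TLSA record actually is and what a DANE-aware downloader checks. The following Python is an added illustration, not code from this thread or from any tool mentioned in it: it builds the association data of a TLSA record from the certificate bytes a server operator would publish, prints it in the presentation format seen in zone files ("3 1 1 <hex>"), and checks a presented certificate against a list of records the way a DANE-EE (usage 3) client would. The certificate and SubjectPublicKeyInfo bytes are constructed stand-ins, not a real X.509 certificate, and the record format follows RFC 6698 (usage, selector, matching type, data).

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-ins for a server's DER-encoded certificate and its
# SubjectPublicKeyInfo (SPKI). A real deployment hashes the actual
# X.509 DER bytes; these exist only so the example runs offline.
FAKE_SPKI_DER = bytes(range(48))
FAKE_CERT_DER = b"constructed-certificate:" + FAKE_SPKI_DER


@dataclass(frozen=True)
class TLSA:
    """One TLSA record: usage, selector, matching type, association data."""
    usage: int      # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE
    selector: int   # 0 full certificate, 1 SubjectPublicKeyInfo
    mtype: int      # 0 exact match, 1 SHA-256, 2 SHA-512
    data: bytes


def association_data(cert_der: bytes, spki_der: bytes, selector: int, mtype: int) -> bytes:
    """Derive the record's data field from what the server presents."""
    if selector == 0:
        selected = cert_der
    elif selector == 1:
        selected = spki_der
    else:
        raise ValueError(f"unsupported selector {selector}")
    if mtype == 0:
        return selected
    if mtype == 1:
        return hashlib.sha256(selected).digest()
    if mtype == 2:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unsupported matching type {mtype}")


def make_tlsa(cert_der: bytes, spki_der: bytes, usage: int, selector: int, mtype: int) -> TLSA:
    """What the operator publishes after generating or rotating a certificate."""
    return TLSA(usage, selector, mtype, association_data(cert_der, spki_der, selector, mtype))


def format_tlsa(rec: TLSA) -> str:
    """Presentation format, e.g. '3 1 1 8f5c...' as it appears in a zone file."""
    return f"{rec.usage} {rec.selector} {rec.mtype} {rec.data.hex()}"


def parse_tlsa(text: str) -> TLSA:
    """Parse presentation format; the hex field may be split across whitespace."""
    fields = text.split()
    if len(fields) < 4:
        raise ValueError("TLSA record needs usage, selector, matching type and data")
    usage, selector, mtype = (int(f) for f in fields[:3])
    return TLSA(usage, selector, mtype, bytes.fromhex("".join(fields[3:])))


def matches(rec: TLSA, cert_der: bytes, spki_der: bytes) -> bool:
    """Does the presented certificate satisfy this record? Constant-time compare."""
    try:
        expected = association_data(cert_der, spki_der, rec.selector, rec.mtype)
    except ValueError:
        return False  # unknown selector/matching type: treat as unusable, not as a match
    return hmac.compare_digest(expected, rec.data)


def dane_ee_verify(records: list, cert_der: bytes, spki_der: bytes) -> bool:
    """Client-side check for usage 3 (DANE-EE) records only.

    Usage 3 pins the end-entity certificate itself, so no PKIX chain building
    is needed. Usages 0, 1 and 2 additionally require PKIX validation, which
    this example does not implement, so such records are skipped here.
    """
    return any(rec.usage == 3 and matches(rec, cert_der, spki_der) for rec in records)


if __name__ == "__main__":
    published = make_tlsa(FAKE_CERT_DER, FAKE_SPKI_DER, usage=3, selector=1, mtype=1)
    print("zone file entry:", format_tlsa(published))
    print("genuine cert accepted:", dane_ee_verify([published], FAKE_CERT_DER, FAKE_SPKI_DER))
    swapped_key = b"\xff" + FAKE_SPKI_DER[1:]  # constructed: attacker-substituted key
    print("substituted key accepted:", dane_ee_verify([published], FAKE_CERT_DER, swapped_key))
```

The check is only meaningful when the TLSA record itself arrived with a validated DNSSEC chain; a resolver that strips or ignores the AD bit turns the record into unauthenticated data, which is the dependency Paul's remark about DNSSEC support points at.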