On 8/1/2021 9:21 PM, Martin Thomson wrote:
> On Fri, Jul 30, 2021, at 06:08, Eric Rescorla wrote:
>> - Recursives can attempt to connect to any authoritative by probing
>>   with DoT/DoQ [0]. In this case, they should cleanly fall back to
>>   Do53 on connect failure and not validate the credential (whether
>>   WebPKI or DANE). This allows authoritatives to just turn on TLS
>>   without risk.
> I assume that your MUST NOT validate here only exists because of the
> combination of:
>
> 1.  Us not being able to decide between Web PKI and DANE; and
>
> 2.  The potential for an unauthenticated mode.
>
> If we decided on a single answer for the first and in the negative for the
> second, would that make authentication viable?  Or is the opportunism a feature?

I am torn on the PKI vs DANE issue. I understand the simplicity of using Let's Encrypt or similar and getting an X.509 certificate backed by proof of ownership of the domain name. But I am also very concerned that this introduces a circular dependency. Allowing for DANE breaks that dependency when DNSSEC is available, which is why I would like authentication to allow both. If the server can prove its identity using either DANE or PKI, the client is probably fine.

And given the simplicity of getting PKI, I don't quite see the point of an unauthenticated mode. It does not ease the deployment much, and it paints a thick MITM target. I would rather fall back to Do53 than to unauthenticated DoT or DoQ.

-- Christian Huitema


_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy