On 8/4/22 2:28 AM, Bastian Blank via mailop wrote:
> And even if you had verifiable certificates: which ID would you use to verify it?
I would naively use the name that you are connecting to. E.g. my MTA is connecting to the FQDN in the MX record or in a B2B configuration.
> The name of the MX is not secure, as it is resolved using unsecured DNS.
DNSSEC.
> The only secure value you have on the mail is the remote domain.
Nothing about the example.org domain reflects the fact that they have outsourced email service to example.com. Nor can example.org realistically publish and maintain things per example.com's direction.
> However, who lists the domains in the certificate?
The MTA operator lists the FQDN(s) of the MTAs that use said certificate.
> MTA-STS is supposed to fix that, by providing a secure way to translate from domain to MX via a medium break.
I see MTA-STS as something different. Namely I see MTA-STS as a way for a sending MTA to learn that a destination MTA is supposed to use TLS and thus should be an indication of a problem if said destination MTA doesn't offer STARTTLS.
> So is DANE, which requires DNSSEC on the whole thing and translates from domain -> MX -> key via DNSSEC validated DNS.
Yes. However, sadly, my understanding is that there are more things that use MTA-STS than there are things that use DANE.
> But MITM is way harder than just passive extraction of the cleartext.
It *REALLY* depends where you are in the communications path and if you mind being detected or not. E.g. it's trivial to do a MITM in a D.R. Exercise where you control the Internet choke point and want to redirect to a local spoofed instance of 8.8.8.8 et al. It's not so easy when you want to attack something from across the Internet without someone (else) on the Internet knowing that you're doing so.
-- Grant. . . . unix || die
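The domain -> MX -> certificate chain argued over above, as an added example that is not from anyone in the thread: it parses an MTA-STS policy in the RFC 8461 format (the HTTPS "medium break" that lets example.org name example.com's MTAs) and applies the checks a sending MTA makes under it. The policy text, hostnames and function names are constructed for illustration.

```python
# Added example, not from the thread: parse an RFC 8461 MTA-STS policy and
# apply a sending MTA's two checks: the resolved MX must be listed in the
# policy, and the certificate that MX presents must cover its hostname.
# Constructed policy as example.org would serve it over HTTPS at
# mta-sts.example.org/.well-known/mta-sts.txt, with mail outsourced to
# example.com (whose MTA operator holds the certificate for those hosts).
POLICY_TEXT = """\
version: STSv1
mode: enforce
mx: mail.example.com
mx: *.backup.example.com
max_age: 604800
"""

def parse_mta_sts_policy(text):
    """Parse key/value lines into a dict; 'mx' may repeat, so it is a list."""
    policy = {"mx": []}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank or malformed line
        key, value = key.strip().lower(), value.strip()
        if key == "mx":
            policy["mx"].append(value.lower())
        else:
            policy[key] = value
    if policy.get("version") != "STSv1":
        raise ValueError("missing or unsupported version")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode")
    return policy

def mx_matches(pattern, hostname):
    """A leading '*.' matches exactly one leftmost label; otherwise exact."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if pattern.startswith("*."):
        suffix = pattern[2:]
        head = hostname[:-len(suffix) - 1] if hostname.endswith("." + suffix) else ""
        return bool(head) and "." not in head
    return pattern == hostname

def check_delivery(policy, mx_host, cert_names):
    """Return (deliver, reason); cert_names are the MX's DNS SANs. 'testing' mode only reports."""
    if policy["mode"] == "none":
        return True, "no policy in force"
    if not any(mx_matches(p, mx_host) for p in policy["mx"]):
        return policy["mode"] != "enforce", "MX %s not in policy" % mx_host
    if not any(mx_matches(n, mx_host) for n in cert_names):
        return policy["mode"] != "enforce", "cert does not cover %s" % mx_host
    return True, "ok"
```

Note that neither check protects the MX lookup itself: an attacker who can answer example.org's MX query still chooses which host the sender connects to, and only the policy list (or DANE with DNSSEC) constrains that choice.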
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop