On Sat, Nov 23, 2013 at 1:37 PM, Michal 'vorner' Vaner <[email protected]>wrote:
> Hello > > On Fri, Nov 22, 2013 at 10:07:51AM +0000, Dave Cridland wrote: > > - If an attacker removes the record by fiddling with the DNS, then they > > can mount an MITM attack. Note that they can also fiddle the DNS into > > redirecting the connection too. It's not clear if this makes things any > > harder than before. > > > > - If an attacker adds in a TLSA record, this could act as a denial of > > service. > > > > On reflection, I'm not sure if this is actually an overall benefit, but I > > thought I'd throw the idea out. > > I didn't read the RFC, but my impression was that it mandated TLSA is > always > signed by DNSSEC. So, the right thing should probably be to ignore and warn > about unsigned TLSA records, not to honor them. > Yes, that'd be the spec's preference. What I'm wondering is whether an initiator could use the presence of a TLSA record to decide not to consider falling back to XEP-0220. In other words, whether a domain could use them to assert that it has a valid certificate. The spec doesn't say so - the spec is heavily geared toward HTTPS, where opportunistic encryption constructs, as are used in XMPP, don't really exist at all. Dave.
