-
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Mar-2023 09:32:36 JST Rich Felker @tqbf @TunnelJanitor Well for what it's worth, I exclusively use offline signing for my domains. This lets me outsource the actual DNS hosting to anyone I want (or a low-trust VPS of my own) without worrying they can forge certs for my domains, etc.
Thomas H. Ptacek (tqbf@infosec.exchange)'s status on Thursday, 02-Mar-2023 09:32:37 JST Thomas H. Ptacek @dalias @TunnelJanitor Whew we’re back to absolute disagreement.
-
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-Mar-2023 09:32:38 JST Rich Felker @tqbf @TunnelJanitor It absolutely still makes sense! Offline signing is one of the best properties, and key to using DNSSEC right. The problem is garbage domain hosting services with their awful panels rather than an "upload zone as text file" button making it hard for normal folks to benefit from offline signing.
-
Thomas H. Ptacek (tqbf@infosec.exchange)'s status on Thursday, 02-Mar-2023 09:32:39 JST Thomas H. Ptacek @TunnelJanitor Offline signing is a core DNSSEC service model decision made in the mid-1990s; it’s one of the 2-3 most defining design decisions in DNSSEC. It means that DNSSEC has to function with no key material online, with static servers that do no cryptography at all (compare to TLS, which is world-historically successful).
That made sense in the 1990s but made no sense just 5 years later, and is now a boat anchor around the protocol (see the NSEC/NSEC3/NSEC5 saga, which is a pure product of offline signing constraints).
-
TunnelJanitor (tunneljanitor@sfba.social)'s status on Thursday, 02-Mar-2023 09:32:43 JST TunnelJanitor @tqbf Is this online signing service centralized? You probably could have that with just Kyber alone, but it tosses the notion of delegation of trust out of the window. May I ask why?
-
TunnelJanitor (tunneljanitor@sfba.social)'s status on Thursday, 02-Mar-2023 09:32:44 JST TunnelJanitor @tqbf my understanding is that the “constrained network gang” had a lot of influence on the design, as it’s the low-powered device people that really seem to care about it, for some reason. It’s going to be replaced anyway with some post-quantum alternative, so what would you like to see?
-
Thomas H. Ptacek (tqbf@infosec.exchange)'s status on Thursday, 02-Mar-2023 09:32:44 JST Thomas H. Ptacek @TunnelJanitor Online signing.
-
Thomas H. Ptacek (tqbf@infosec.exchange)'s status on Thursday, 02-Mar-2023 09:32:46 JST Thomas H. Ptacek My real problem with it is that the cryptography is awful. DNSSEC is not a system you would design with a 2020 understanding of how to leverage encryption at scale; it’s not even a good design for 2015.
Despite its minimal deployment, DNSSEC might be the Internet’s most virulent vector for getting more 1990s cryptography deployed.
-
Thomas H. Ptacek (tqbf@infosec.exchange)'s status on Thursday, 02-Mar-2023 09:32:48 JST Thomas H. Ptacek Just so we’re clear: my most reached-for argument against DNSSEC is that it’s a global PKI de jure controlled by world governments (and, most importantly, by the “Five Eyes” IC).
My backup argument is that it’s a reliability nightmare. It has just an astonishing track record for causing durable, material outages for companies that enable it, stemming from the sensitive place in our network stack DNS occupies, and the fact that the stack wasn’t designed to put security policy in that place.
My standard nerdy argument against DNSSEC is that it doesn’t actually address any threats: it’s a server-to-server protocol (this still surprises people, who think that DNSSEC is somehow protecting them when they resolve off 8.8.8.8) and the modal hijacking attack today is registrar phishing.
My economic argument against DNSSEC is that nobody uses it --- take a list of the top 100, 500, 1000 zones and write a shell script to have `dig` check for DNSSEC records and you’ll find that virtually nothing you use is signed; without signatures the protocol can’t do anything for you, so you’re just signing up for outages.
But none of these are my real problem with it.
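The `dig` survey described in the post above, written out as an added example (this is not code from any participant in the thread; the zone names, DNSKEY, RRSIG and DS data below are constructed placeholders, and the live lookup wrapper assumes `dig` is installed):

```shell
#!/bin/sh
# Added example, not code from the thread: classify zones as DNSSEC-signed
# by parsing `dig +noall +answer +dnssec DNSKEY <zone>` output.
# A zone counts as "signed" only when its apex DNSKEY RRset is returned
# together with an RRSIG covering DNSKEY. A DS record in the parent
# (checked separately) is what puts the zone in the chain of trust.

# classify_dnskey_answer ZONE   (dig answer section on stdin)
# Prints one of: signed | dnskey-no-rrsig | unsigned
classify_dnskey_answer() {
    zone="${1%.}"              # accept "example.com" or "example.com."
    has_key=0
    has_sig=0
    # dig separates fields with tabs; read splits on tabs and spaces alike
    while read -r name _ttl _class type rest; do
        # only records at the zone apex count (dig prints a trailing dot)
        if [ "${name%.}" != "$zone" ]; then
            continue
        fi
        case "$type" in
            DNSKEY) has_key=1 ;;
            RRSIG)
                # RRSIG rdata begins with the covered type
                case "$rest" in DNSKEY\ *) has_sig=1 ;; esac
                ;;
        esac
    done
    if [ "$has_key" -eq 1 ] && [ "$has_sig" -eq 1 ]; then
        echo signed
    elif [ "$has_key" -eq 1 ]; then
        echo dnskey-no-rrsig
    else
        echo unsigned
    fi
}

# classify_ds_answer ZONE   (output of `dig +noall +answer DS ZONE` on stdin)
# Prints one of: ds-present | no-ds
classify_ds_answer() {
    zone="${1%.}"
    while read -r name _ttl _class type _rest; do
        if [ "${name%.}" = "$zone" ] && [ "$type" = "DS" ]; then
            echo ds-present
            return 0
        fi
    done
    echo no-ds
}

# check_zone ZONE: live lookup (needs network and dig). For a top-N list:
#   while read -r z; do printf '%s\t%s\n' "$z" "$(check_zone "$z")"; done < zones.txt
check_zone() {
    z="$1"
    k=$(dig +noall +answer +dnssec DNSKEY "$z" | classify_dnskey_answer "$z")
    d=$(dig +noall +answer DS "$z" | classify_ds_answer "$z")
    echo "$k $d"
}

# Constructed sample answers (not captured from real queries) so the parsers
# can be exercised offline; key, signature and digest fields are placeholders.
SIGNED_SAMPLE='example.com. 3600 IN DNSKEY 257 3 13 AwEAAbKSKplaceholder==
example.com. 3600 IN DNSKEY 256 3 13 AwEAAbZSKplaceholder==
example.com. 3600 IN RRSIG DNSKEY 13 2 3600 20230401000000 20230301000000 12345 example.com. c2lnbmF0dXJlcGxhY2Vob2xkZXI='
KEYS_ONLY_SAMPLE='example.net. 3600 IN DNSKEY 257 3 13 AwEAAbKSKplaceholder=='
DS_SAMPLE='example.com. 86400 IN DS 12345 13 2 ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789'

demo_signed()    { printf '%s\n' "$SIGNED_SAMPLE"    | classify_dnskey_answer example.com; }
demo_keys_only() { printf '%s\n' "$KEYS_ONLY_SAMPLE" | classify_dnskey_answer example.net; }
demo_unsigned()  { printf '' | classify_dnskey_answer example.org; }
demo_ds()        { printf '%s\n' "$DS_SAMPLE" | classify_ds_answer example.com; }
demo_no_ds()     { printf '%s\n' "$DS_SAMPLE" | classify_ds_answer example.net; }

printf 'example.com: %s %s\n' "$(demo_signed)" "$(demo_ds)"
printf 'example.net: %s %s\n' "$(demo_keys_only)" "$(demo_no_ds)"
printf 'example.org: %s\n' "$(demo_unsigned)"
```

The DS check matters for the count: a zone whose apex carries DNSKEY and RRSIG records but has no DS in its parent is an island outside the chain of trust, so validating resolvers treat it as unsigned, and counting DNSKEY alone would overstate deployment.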
-