[jdev] manifesto & DANE does not cut it

Ralf Skyper Kaiser skyper at thc.org
Fri Nov 15 18:05:48 UTC 2013 

Hi,

Definition:

- POST-Prism means the time after PRISM. What we know now. It does not
imply that PRISM ever carried out a DNSSEC or DNS attack. Sorry if this was
not clear.

- Khomeini: Sorry, you are right. He is dead. Use Khamenei. Sorry for the
typo. Makes zero difference.

Let's stay technical.


On Fri, Nov 15, 2013 at 10:30 AM, Dave Cridland <dave at cridland.net> wrote:

> On Fri, Nov 15, 2013 at 9:30 AM, Ralf Skyper Kaiser <skyper at thc.org>wrote:
>
>> No. The user has to trust ALL keys and not just the single ROOT KEY. The
>> user has to trust:
>> 1. The key was generated securely (enough bits, good primes, ...)
>> 2. A good RNG was used (hi debian! Thanks for a bad RNG).
>> 3. The key is not leaked (on purpose) by _any_ of the admins in the
>> domain chain
>> 4. The key is stored securely and not stolen
>> 5 . ...This list is incomplete...and goes on and on.
>>
>>
> Excellent... So we'll run through a first-time connect without DANE, and
> with just pinning.
>
[...]


>
> OK. Small note there, actually. You also have to trust any authority over
> your IP connectivity at this point, plus spoofing DNS is relatively easy
> without DNSSEC, so you're basically trusting *everyone*. Which just makes
> you a nice guy, right? Can I borrow €1,000?
>

Assuming the DNS was used then the user could be tricked in connecting to
the wrong IP address of the jabber server. Yet the security is not
compromised because the TLS connection will fail (assuming the certificate
is pinned).

The attacker can prevent the user from connecting to the jabber server but
the attacker can not read the data/chat/messages of the user. What we
should focus on is that the data/chat/messages stay confidential. Pinning
does this.

The pinning (without DNSSEC) is open to attack on the first connect. SSH is
vulnerable the same way. SSH works on the same model (pinning). See my
other email why the 'first connect' scenario is not practical for an
attacker.

(and if you want to fix this then you can use DNSSEC with PINNING).

On the other hand just using DNSSEC requires the user to trust at least 3
different keys from 3 different entities that have 3 totally different
geopolitical interests. What can possible go wrong...

>
> <SARCASM>
>> That really sounds like a great idea! Unless of course
>>
>> 1. You are a gay person in Iran
>> 2. An Atheist in Saudi Arabia (or a women)
>> 3. Leonardo da Vinci and dare to suggest that the earth is round
>> 4. A black person wishing to sit in the front row of a bus
>> 5 ...
>> </SARCASM>
>>
>>
> Typically, sarcasm is used to posit something that is clearly the opposite
> of what you intend, by the way. Aside from "That really sounds like a great
> idea", I'll assume that the remainder of the argument you state above is,
> you believe, valid.
>

Sorry if this was not obvious.


>
>
>> DANE does not protect any of the above people.
>>
>>
>
regards,

ralf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.jabber.org/jdev/attachments/20131115/da01c9fe/attachment.html>

More information about the JDev mailing list