On Tue, Feb 27, 2018 at 6:36 PM, Nico Williams <n...@cryptonector.com> wrote:
> On Tue, Feb 27, 2018 at 11:24:31AM -0500, Shumon Huque wrote: > > On Tue, Feb 27, 2018 at 10:59 AM, Shumon Huque <shu...@gmail.com> wrote: > > > Several of us were well aware of this during the early days of the > > > draft, but perhaps many folks did not fully appreciate the impacts > > > until I elaborated on them last year, and added text that described > > > the "adversary with fraudulently obtained PKIX credentials" attack. > > > > Following up to my own message, sorry .. > > > > It occurred to me that perhaps a good way to mitigate this risk is > > a combo of mechanisms like CAA and Certificate Transparency logs. > > NO. That's insanely complicated. Is it really? We're talking about a scenario of incremental deployment of DANE in an existing PKIX ecosystem. In such an environment, I would expect that many servers will likely support both PKIX-only and DANE, at least initially. So presumably they will already be paying attention to CT logs to detect mis-issuance. And even if they support only DANE, they might be concerned about an attacker impersonating their service to DANE unaware clients. Shumon.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
