On Mon, 5 Mar 2018, Viktor Dukhovni wrote:

On Mar 5, 2018, at 4:32 AM, Willem Toorop <wil...@nlnetlabs.nl> wrote:

Therefore, any long-term caching of a destination's support for the extension
should require server opt-in, and must have a maximum duration.

How do you (all) feel about using the expiry date on the RRSIG for the
TLSA to be used for this purpose?

I don't think the expiry date is adequate for this purpose.  To reduce
the scope for replay attacks, my domain has 14 day RRSIG lifetimes, and
automated re-signing happens as records age, so they are often as close
as ~4 days away from expiration when re-signed.  And yet, if I were to
deploy a web server that implements this extension, I'd want to commit
to DANE for a considerably longer time.

There is also the reverse problem of pinning something you don't have
anymore. With TTL, you can tune your commitment and risk.

Also in general, DNS data should not be used beyond its TTL unless the
data itself has some kind of TTL on it (e.g. a full cert payload or
OpenPGP key with expiry).

Paul

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls