> On Sep 14, 2018, at 12:09 PM, Eric Rescorla <e...@rtfm.com> wrote:
>
> In theory perhaps, but as a practical matter, no browser client, at least,
> can do DNSSEC hard fail, because the rate of organic DNSSEC interference is
> too high. Indeed, this is the primary reason why DANE over TLS is interesting.
Yes, of course, no disagreement there.
But the result is not lots of browsers with half-baked implementations
of DANE that ignore DNS lookup failures and accept the downgrade risk,
but rather no implementation of DANE in browsers via direct DNS lookups,
which makes sense given the current state of the Internet "edge".
And so here we are evaluating an alternative approach, that might also
address latency concerns, support raw keys while addressing UKS attacks,
... And, to the extent possible, should be downgrade resistant.
Unfortunately,
only after contact, but we'll have a chance to hash that out at the meeting soon
enough...
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls