undefined | Better HN

0 pointsscrollaway3y ago0 comments

This post makes a better argument than I could write. And nothing much has changed in the seven years since. https://sockpuppet.org/blog/2015/01/15/against-dnssec/

0 comments

mattashii3y ago

That article is a bad example of outdated arguments and whataboutisms. Sure, DNSSEC has some issues, but none are so bad that it means you shouldn't use it: It does help resolvers detect various attacks (e.g. cache poisoning, BGP hijacks, MitMs), which is fairly critical for security-minded organizations.

(from that article, that is from 2015 and woefully outdated)

> With TLS properly configured, DNSSEC adds nothing.

This is false. DNSSEC adds address lookup security through response integrity, whereas TLS (only!) adds transport layer security to the endpoint you're connected to (hence the name). If you find a record in DNS with DNSSEC enabled, you know that the response is exactly as the sender intended it to be (and when connecting to the address returned for A- or AAAA-records, you'll be connecting to the intended IP address). Without DNSSEC, this is impossible to guarantee and record interception / MitM would be an attack vector.

Additionally, "With TLS correctly configured" also implies CAA being set up, which only can be done securely using DNSSEC. As to why CAA must be configured: Not all CAs are made the same; and re-routing network traffic is fairly doable if you only need to target one of the many public CAs. Targeting only that CA allowed in the CAA record is presumably much harder.

> Securing DNS lookups isn’t a high-priority task

> DNSSEC’s real job is thus to replace the TLS CA system. This plan is called DANE.

No, DNSSEC's job _is_ to secure DNS lookups. DANE is only one scheme that is made possible by DNSSEC; Secure CAA checking being another.

> Real-world DNSSEC therefore relies on RSA with PKCS1v15 padding.

Correct, but also relies on Ed25519 and P-256. A lot of authorative servers are still using the legacy RSA keys, but another lot is using P-256 and Ed25519 too.

> [sections] DNSSEC is Expensive To Adopt / Deploy

This is partly true, but any security is expensive to adopt/deploy. DNSSEC is fairly easy nowadays, though, with many hosted DNS services providing some form of DNSSEC.

> DNSSEC doesn’t secure browser DNS lookups.

It would, if you allowed your browser to recurse.

> DNSSEC is Unsafe

> Authenticated denial. Offline signers. Secret hostnames. Pick two.

That's fine. Secrecy doesn't add security; Authenticated denial and Offline signers do.

> DNSSEC is Architecturally Unsound

I disagree with the conclusion here. Sure, it might be useful for US gov to be the writer of the spec, but what public scrutiny DNSSEC has had implies that the security part is sound.

peppermint_tea3y ago

I'm with you here. I automated my dnssec setup, and I barely think about it.

I really wish my bank would use it and stop calling javascript from domains unknown to me :)

j / k navigate · click thread line to collapse