
List:       ietf-tls
Subject:    [TLS] DPRIV has the downgrade too (Re: Consensus Call on draft-ietf-tls-dnssec-chain-extension)
From:       Nico Williams <nico () cryptonector ! com>
Date:       2018-04-06 19:21:02
Message-ID: 20180406192101.GQ25259 () localhost

On Thu, Apr 05, 2018 at 02:46:12AM -0400, Viktor Dukhovni wrote:
> So I rather suspect that even the DPRIV use-case, which supposedly does not need
> the proposed changes, actually does need them for meaningful security from using
> DANE, and we've not just not looked at the details closely enough yet.  It may
> well turn out not substantially different from the browser use-case that is not
> adequately met by the current draft.
> 
> Can someone explain briefly how DPRIV avoids the same downgrade issues, and
> negative adoption incentives (cost-benefit comparison)?  If it turns out that
> no adequate explanation is possible, and indeed the same issues are present,
> then the proposed changes (which are still needed elsewhere) are all the
> more pressing.

Oh, right, DPRIV isn't a work-in-progress.  It's already here.  Thus it
cannot be an application that makes draft-ietf-tls-dnssec-chain-extension
mandatory.  Therefore it's subject to the downgrade attack we want to
address with (C).

I think now the WG should really want this LC to succeed and get this
change made.

Nico
-- 
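The downgrade Nico and Viktor are discussing can be modelled in a few lines. The following is an added illustration written for this archive page; it is not code from the draft, from DPRIV, or from either author. It assumes a simplified handshake in which the DNSSEC chain extension is just an optional field of the ServerHello, and it uses a `require_extension` flag as a stand-in for whatever mechanism would let a client insist on the extension (the page refers to that change only as "(C)" and does not describe it, so the flag is an assumption, not the proposal). All handshake data is constructed.

```python
"""Toy model of the TLS DNSSEC chain extension downgrade (added example).

A client that can consume draft-ietf-tls-dnssec-chain-extension but is not
required to treats a ServerHello without the extension as "this server does
not do DANE" and falls back to ordinary PKIX validation. An on-path party that
strips the extension therefore removes the DANE check entirely, and a
PKIX-valid but mis-issued certificate is accepted. A client that mandates the
extension fails closed instead. Certificates and chains are labels here;
'chain_valid' / 'tlsa_matches' stand in for real DNSSEC and TLSA checks.
"""

from dataclasses import dataclass
from typing import Optional


@dataclass
class ServerHello:
    cert_pkix_ok: bool                  # would the WebPKI chain validate?
    dnssec_chain: Optional[dict]        # extension payload, None when absent
    tlsa_matches_cert: bool             # does the presented cert match TLSA?


@dataclass
class ClientPolicy:
    supports_extension: bool = True
    # Assumed mitigation: the client commits to requiring the extension.
    # The thread calls the real proposal "(C)"; this flag only models the
    # effect "absent extension is an error", not the actual mechanism.
    require_extension: bool = False


def strip_extension(hello: ServerHello) -> ServerHello:
    """What an on-path party can do to an unauthenticated extension: drop it."""
    return ServerHello(hello.cert_pkix_ok, None, hello.tlsa_matches_cert)


def validate(hello: ServerHello, policy: ClientPolicy) -> str:
    """Return which validation path decided the connection.

    'dane'   - extension present, DNSSEC chain valid, TLSA matched the cert
    'pkix'   - extension absent, client fell back to WebPKI only
    'reject' - connection refused
    """
    if policy.supports_extension and hello.dnssec_chain is not None:
        chain_ok = hello.dnssec_chain.get("chain_valid", False)
        return "dane" if chain_ok and hello.tlsa_matches_cert else "reject"
    if policy.require_extension:
        return "reject"         # extension mandated but missing: fail closed
    return "pkix" if hello.cert_pkix_ok else "reject"


def downgrade_scenario() -> dict:
    """Constructed scenario: an on-path party presents a certificate that the
    WebPKI accepts but that does NOT match the server's TLSA record, and
    strips the extension so the mismatch is never examined."""
    honest = ServerHello(cert_pkix_ok=True,
                         dnssec_chain={"chain_valid": True},
                         tlsa_matches_cert=True)
    # Mis-issued cert: PKIX-valid, TLSA mismatch, extension stripped.
    attacked = strip_extension(ServerHello(cert_pkix_ok=True,
                                           dnssec_chain={"chain_valid": True},
                                           tlsa_matches_cert=False))
    optional = ClientPolicy(require_extension=False)   # today's DPRIV client
    committed = ClientPolicy(require_extension=True)   # assumed "(C)" client
    return {
        "honest_optional": validate(honest, optional),
        "honest_committed": validate(honest, committed),
        "attacked_optional": validate(attacked, optional),    # accepted via PKIX
        "attacked_committed": validate(attacked, committed),  # refused
    }


if __name__ == "__main__":
    for name, outcome in downgrade_scenario().items():
        print(f"{name:20s} -> {outcome}")
```

The point of the model is the second-to-last line of the scenario: with the extension optional, the attacked handshake is decided by `pkix`, so the TLSA mismatch is never consulted and DANE adds no security against an on-path party. Only a client that treats a missing extension as an error lands on `reject`, which is why the thread argues that DPRIV, having already shipped without such a requirement, is exposed to the same downgrade as browsers.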

