DANE and Convergence Questions

Posted on 2016-09-02
Medium Priority
Last Modified: 2016-09-08
I had this question after viewing DANE and Convergence.

Who sets up the notaries in Convergence? Is an administrator required to oversee them, and how can we be assured that there will be many notaries to choose from? For DANE it seems as if the trust is left with the domain owner rather than a third party. Isn't this still a concern for man-in-the-middle attacks? What are some negatives of using these methods if they do gain traction?
Question by:K K
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 1000 total points
ID: 41782958
DANE is secured by a chain of trust throughout the DNS authorities. So, in the end, you still have to rely on the integrity at that end. As for MITM, an attacker would have to compromise both the DNS level with the signatures, as well as the access to the server.
The more probable danger IMO is rather in the accidental (or on-purpose) compromise of the signatures, causing remote sites not to deliver mail to your server as the chain of trust isn't intact ...
LVL 64

Accepted Solution

btan earned 1000 total points
ID: 41782960
Who sets up the notaries in convergence?  
Anyone can set up the notaries as long as it runs that service (the notary pack can be downloaded & installed).
Is an administrator required to oversee and how can we be assured that there will be many notaries to choose from?  
Notaries should adhere to the protocol as spelled out here, and the list of notaries is available from the starter on GitHub @ https://github.com/moxie0/Convergence/wiki/Notary-Protocol
Note the high- and low-availability types, and you will notice there are security companies like Qualys running notary services too; I will probably give them greater trust compared to others stated in the list. https://github.com/moxie0/Convergence/wiki/Notaries
For DANE it seems as the trust is left with the domain owner rather than a third party. Isn't this still a concern for man-in-the-middle attacks?  
Yes, but at least we need to put trust in the security protocol. DANE needs the DNS records to be signed with DNSSEC for its security model to work. Even a CA can be breached and still operate in a compromised state, impacting whoever is using it as the trust entity. This is why DANE is supposed to work for TLS without a CA. In fact, DANE still allows a domain owner to specify which CA is allowed to issue certificates for a particular resource. We trust but always verify.
What are some negatives for using these methods if they do gain traction?
There is no foolproof option: as shared, CAs can be compromised, and so can the notaries and the DANE domain owner. Actually the "limitation" is shared in the RFC (6698) for DANE, which is on the weakest link, the "DNSKEY", e.g.:
- Risk of Key Compromise: "the root DNSKEY has protections and controls comparable to or exceeding those of public CAs. On the other end of the spectrum, small domains might provide no more protection to their keys than they do to their other data."
- Impact of Key Compromise: "Only the compromise of the root DNSKEY would have the equivalent impact of an unconstrained public CA."
- Detection of Key Compromise: "If a key is compromised, rapid and reliable detection is important in order to limit the impact of the compromise. In this regard, neither model prevents an attacker from near-invisibly attacking their victim, provided that the necessary keys are compromised."
- Spoofing Hostnames: "an attacker can attempt to circumvent this restriction by finding a CA willing to issue the certificate anyway. However, by using DNSSEC and TLSA, the attacker can circumvent this check completely."

Actually the limit is close to saying the limit of securing DNS using DNSSEC, and it is highly dependent on the owner to "go by the book", including the basics of DNS, such as they MUST observe the TTL information reported by DNS, and the trust put on those (if any) DNS recursive resolvers. Otherwise lax implementations that fail to follow the DNS rules could be spoofed, and it really depends on the DNS client to detect this spoofed entity, which can be non-trivial.
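As an added illustration (not part of either answer above, nor code from the Convergence project or any DANE library), here is a small Python model of the DANE checks both answers describe: the TLSA record a domain owner publishes, the DNSSEC-validation requirement Garry's answer refers to, and the owner's ability, mentioned in btan's answer, to pin which CA may issue for the name. The certificates, host name and byte strings are constructed stand-ins, not real DER.

```python
import hashlib
from dataclasses import dataclass
# Constructed stand-ins for DER certs and SubjectPublicKeyInfo blobs (hypothetical; a real client takes them from the TLS handshake).
LEAF_CERT = b"constructed DER: leaf for mail.example.test, issued by CA-A"
LEAF_SPKI = b"constructed DER: SubjectPublicKeyInfo of that leaf"
CA_A_CERT = b"constructed DER: CA-A, the issuer the domain owner chose"
CA_A_SPKI = b"constructed DER: SubjectPublicKeyInfo of CA-A"
CA_B_CERT = b"constructed DER: CA-B, another publicly trusted CA"
CA_B_SPKI = b"constructed DER: SubjectPublicKeyInfo of CA-B"
ROGUE_CERT = b"constructed DER: leaf for mail.example.test, issued by CA-B"
ROGUE_SPKI = b"constructed DER: SubjectPublicKeyInfo of the rogue leaf"

@dataclass
class TLSA:
    usage: int     # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE (RFC 6698 s.2.1.1)
    selector: int  # 0 full certificate, 1 SubjectPublicKeyInfo (s.2.1.2)
    mtype: int     # 0 exact match, 1 SHA-256, 2 SHA-512 (s.2.1.3)
    data: bytes    # certificate association data (s.2.1.4)

def assoc_data(selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> bytes:
    """Derive the association data for one certificate as the record demands."""
    raw = cert_der if selector == 0 else spki_der
    if mtype == 0:
        return raw
    return (hashlib.sha256 if mtype == 1 else hashlib.sha512)(raw).digest()

def make_tlsa(usage: int, selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> str:
    """Zone-file presentation form ('3 1 1 <hex>') that the domain owner publishes."""
    return f"{usage} {selector} {mtype} {assoc_data(selector, mtype, cert_der, spki_der).hex()}"

def parse_tlsa(presentation: str) -> TLSA:
    """Parse the presentation form back into a record (inverse of make_tlsa)."""
    u, s, m, hexdata = presentation.split()
    return TLSA(int(u), int(s), int(m), bytes.fromhex(hexdata))

def tlsa_matches(rec: TLSA, dnssec_validated: bool, chain: list) -> bool:
    """chain is [(cert_der, spki_der), ...], leaf first, then the issuers it sent.
    Usages 0 and 1 additionally need ordinary PKIX path validation (not done here)."""
    # RFC 6698 s.4.1: a TLSA RRset that did not validate under DNSSEC is unusable.
    if not dnssec_validated:
        return False
    # End-entity usages (1, 3) pin the leaf; trust-anchor usages (0, 2) pin an
    # issuer, so a leaf from any other CA fails even if that CA is in the OS store.
    candidates = chain[:1] if rec.usage in (1, 3) else chain[1:]
    return any(rec.data == assoc_data(rec.selector, rec.mtype, c, k) for c, k in candidates)

def tlsa_set_ok(records: list, dnssec_validated: bool, chain: list) -> bool:
    """The connection is acceptable when at least one published record matches."""
    return any(tlsa_matches(r, dnssec_validated, chain) for r in records)
```

With a "2 0 1" record pinning CA-A, the rogue leaf issued by CA-B is rejected even though CA-B is a trusted public CA, which is the issuer constraint btan describes; without DNSSEC validation every record is treated as unusable.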
