Solved

DANE and Convergence Questions

Posted on 2016-09-02
Last Modified: 2016-09-08
I had this question after viewing DANE and Convergence.

Who sets up the notaries in convergence?  Is an administrator required to oversee and how can we be assured that there will be many notaries to choose from?  For DANE it seems as the trust is left with the domain owner rather than a third party.  Isn't this still a concern for man-in-the-middle attacks?  What are some negatives for using these methods if they do gain traction?
Question by:K K
2 Comments
LVL 17

Assisted Solution

by:Garry-G
Garry-G earned 250 total points
ID: 41782958
DANE is secured by a chain of trust throughout the DNS authorities. So, in the end, you still have to rely on the integrity at that end. As for MITM, an attacker would have to compromise both the DNS level with the signatures as well as the access to the server.
The more probable danger IMO is rather the accidental (or deliberate) compromise of the signatures, causing remote sites not to deliver mail to your server as the chain of trust isn't intact ...
LVL 61

Accepted Solution

by:
btan earned 250 total points
ID: 41782960
Who sets up the notaries in Convergence?
Anyone can set up a notary as long as they run the service (the notary package can be downloaded & installed):
https://github.com/moxie0/Convergence/wiki/Running-a-Notary
Is an administrator required to oversee and how can we be assured that there will be many notaries to choose from?
A notary should adhere to the protocol as spelled out here, and the list of notaries is available from the starter on GitHub @ https://github.com/moxie0/Convergence/wiki/Notary-Protocol
Note the high and low availability types, and you will notice there are security companies like Qualys running notary services too; I will probably give them greater trust compared to the others stated in the list. https://github.com/moxie0/Convergence/wiki/Notaries
For DANE it seems as the trust is left with the domain owner rather than a third party. Isn't this still a concern for man-in-the-middle attacks?
Yes, but at least we need to put trust in the security protocol. DANE needs the DNS records to be signed with DNSSEC for its security model to work. Even a CA can be breached and still operate in a compromised state, impacting whoever is using them as the trusted entities. This is why DANE is supposed to work for TLS w/o a CA. In fact, DANE still allows a domain owner to specify which CA is allowed to issue certificates for a particular resource. We trust but always verify.
What are some negatives for using these methods if they do gain traction?
There is no foolproof option: as shared, CAs can be compromised, and so can the notaries and the DANE domain owner. Actually the "limitation" is shared in the RFC (6698) for DANE, which is on the weakest link, the "DNSKEY", e.g.
- Risk of Key Compromise
  "the root DNSKEY has protections and controls comparable to or exceeding those of public CAs. On the other end of the spectrum, small domains might provide no more protection to their keys than they do to their other data."
- Impact of Key Compromise
  "Only the compromise of the root DNSKEY would have the equivalent impact of an unconstrained public CA."
- Detection of Key Compromise
  "If a key is compromised, rapid and reliable detection is important in order to limit the impact of the compromise. In this regard, neither model prevents an attacker from near-invisibly attacking their victim, provided that the necessary keys are compromised."
- Spoofing Hostnames
  "an attacker can attempt to circumvent this restriction by finding a CA willing to issue the certificate anyway. However, by using DNSSEC and TLSA, the attacker can circumvent this check completely."
https://tools.ietf.org/html/rfc6698#section-8.1

Actually the limit is close to saying the limit of securing DNS using DNSSEC, and it is highly dependent on the owner "going by the book", including the basics of DNS such as: they MUST observe the TTL information reported by DNS, and trust is put on those (if any) DNS recursive resolvers. Otherwise lax implementations that fail to follow the DNS rules could be spoofed, and it really depends on the DNS client to detect this spoofed entity, which can be non-trivial.
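To make the TLSA mechanics from the accepted answer concrete (the domain owner publishes certificate association data, the client matches the presented certificate against it, and only usages 0/1 still go through the CA), here is an added example of the RFC 6698 matching logic. It is not code from the thread or from any DANE library, and the "certificate" and SubjectPublicKeyInfo bytes are constructed stand-ins, not real DER.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample inputs (not real certificates): stand-ins for the DER bytes
# of an end-entity certificate and of its SubjectPublicKeyInfo (SPKI).
SAMPLE_CERT_DER = b"\x30\x82\x01\x00constructed-end-entity-certificate-der"
SAMPLE_SPKI_DER = b"\x30\x59constructed-subject-public-key-info-der"


@dataclass(frozen=True)
class TLSARecord:
    usage: int      # 0 PKIX-TA, 1 PKIX-EE, 2 DANE-TA, 3 DANE-EE (RFC 6698 section 2.1.1)
    selector: int   # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int      # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes     # certificate association data


def parse_tlsa(presentation: str) -> TLSARecord:
    """Parse the RFC 6698 presentation format, e.g. '3 1 1 <hex>'."""
    usage, selector, mtype, hexdata = presentation.split()
    return TLSARecord(int(usage), int(selector), int(mtype), bytes.fromhex(hexdata))


def association_data(cert_der: bytes, spki_der: bytes, selector: int, mtype: int) -> bytes:
    """Derive the association data a record would carry for this cert/SPKI."""
    selected = {0: cert_der, 1: spki_der}[selector]     # KeyError on unknown selector
    if mtype == 0:
        return selected
    if mtype == 1:
        return hashlib.sha256(selected).digest()
    if mtype == 2:
        return hashlib.sha512(selected).digest()
    raise ValueError("unknown matching type")


def tlsa_matches(record: TLSARecord, cert_der: bytes, spki_der: bytes) -> bool:
    """True when the presented certificate matches the record's association data."""
    try:
        expected = association_data(cert_der, spki_der, record.selector, record.mtype)
    except (KeyError, ValueError):
        return False  # unknown selector/matching type: the record is unusable
    return hmac.compare_digest(expected, record.data)


def requires_pkix_validation(record: TLSARecord) -> bool:
    """Usages 0 and 1 still need normal CA chain validation; 2 and 3 do not."""
    return record.usage in (0, 1)


def make_record(usage: int, selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> str:
    """Presentation form a domain owner would publish for the given certificate."""
    return f"{usage} {selector} {mtype} {association_data(cert_der, spki_der, selector, mtype).hex()}"
```

The matching is only meaningful when the TLSA record came from a DNSSEC-validated answer, which is the DNSKEY dependency the answer quotes from RFC 6698; an unvalidated record is just an unsigned DNS response.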
