[dns-operations] Does DNSSEC provide any mitigation for SSL bugs, like Apple's?

Dan York york at isoc.org
Mon Feb 24 18:58:34 UTC 2014


Paul is right on target with this:

On 2/24/14 1:48 PM, "Paul Wouters" <paul at cypherpunks.ca> wrote:

>If your zone is signed, and you publish a TLSA record, then you would
>be proteced (providing apple does not screw up this code either)
>An attacker can with-hold or modify the TLSA DMSSEC record, which should
>cause the TLS implementation to hard fail. If the attacker lets the TLSA
>record through, then your TLS client knows what to expect, and should
>abort when it is something unexpected.
>Note though, that TLSA can pin either the CA or the EE cert. If you pin
>the CA cert, then an attacker could just get _any_ cert from the same CA
>and still subvert you. If you had choosen to pin the EE cert, then the
>attack would have failed completely.

What he's talking about with the TLSA record is what is known perhaps more
widely as "DANE" or "the DANE protocol", where "DANE" is an IETF acronym
that expands into "DNS-based Authentication of Named Entities"  and is
detailed in RFC 6698:


We put some more info up at:



P.S. Thanks, Paul, for pointing out the CA vs EE cert point. In some quick
thoughts about this scenario I hadn't recalled the issue with pinning only
the CA.

Dan York
Senior Content Strategist, Internet Society
york at isoc.org <mailto:york at isoc.org>   +1-802-735-1624
Jabber: york at jabber.isoc.org <mailto:york at jabber.isoc.org>
Skype: danyork   http://twitter.com/danyork


More information about the dns-operations mailing list