💾 Archived View for gemi.dev › gemini-mailing-list › 000163.gmi captured on 2023-11-04 at 12:29:50. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Hey,
I've been following Gemini from afar, that's a really cool project you've
got! I'm curious about the threat model with gemini and how we can
increase security in ways that are not user-hostile, and do not
concentrate power in the hands of third parties.
A TOFU approach to certificates (trust on first use, i.e. blind trust) can
be easier to deal with, but strongly lacks any security guarantee.
Especially, so far user agents of all sorts have been terrible at making a
UX to inspect and verify server/peer certificates, so i think it's not so good.
DANE is a RFC that describes how to distribute TLS public keys over the
DNS (+ DNSSEC). It consists of TLSA records containing the server's public
key, which can also be CNAME'd to, like in the example in the spec:
example.com. IN MX 0 mx1.example.com.
example.com. IN MX 0 mx2.example.com.
_25._tcp.mx1.example.com. IN CNAME tlsa201._dane.example.com.
_25._tcp.mx2.example.com. IN CNAME tlsa201._dane.example.com.
tlsa201._dane.example.com. IN TLSA 2 0 1 e3b0c44298fc1c149a...
Using DANE to distribute certificates reduces the attack surface, because
the DNS is already a SPOF for a gemini server. I personally believe the
gemini spec should strongly encourage admins to use DANE to distribute
their server certificates.
A different approach to this problem is the GNU Name System, which is a
DNS-compatible, fully autonomous and secure naming system:
https://datatracker.ietf.org/doc/draft-schanzen-gns/
GNS has much stronger security guarantees than DNSSEC, which is ideal for
bootstrapping a secure connection to a remote server. It's also entirely
decentralized and name seizures are made impossible by introducing
cryptographic forms of zone delegation (instead of IP-based delegation as
DNS does). I would recommend people investigate it, because interpersonal
concerns set aside, GNS is in my view the best proposal for a secure,
censorship-free naming system.
There was a presentation at ICANN about GNS, which you can view here:
https://git.gnunet.org/gnunet-videos-2019.git/plain/ICANN66/GNU_Name_System
_-_2019_ICANN66__Martin_Schanzenbach.webm
I hope this message brings you food for thought. Long live the free
internet, burn all prisons and borders!
southerntofu at thunix.net writes: > Using DANE to distribute certificates reduces the attack surface, because the > DNS is already a SPOF for a gemini server. I personally believe the gemini spec > should strongly encourage admins to use DANE to distribute their server > certificates. Could you provide a minimal sample implementation of how a client would implement this? Just to demonstrate feasibility and to provide a guide to other client authors? -- +-----------------------------------------------------------+ | Jason F. McBrayer jmcbray at carcosa.net | | If someone conquers a thousand times a thousand others in | | battle, and someone else conquers himself, the latter one | | is the greatest of all conquerors. --- The Dhammapada |
On Fri, May 29, 2020 at 04:29:46AM -0400, southerntofu at thunix.net wrote: > Hey, Hey! I'm too bummed out over this data:// URL nonsense to give a detailed response to this right now, but let me quickly say: I am a big fan of DANE, and I'm aware of an unhappy about the sad state of affairs which is DNS security. I'm very reluctant to spec any of it because the implementation burden is *heavy*, but I have big plans to stick all kinds of stuff into AV-98 in the future to reduce the risk associated with the initial TOFU acceptance. This includes looking for DANE records (ideally over DNScrypt, so that even in the absence of DNSSEC there is *some* extra security - and, yes, I realise that DNScrypt and DNSsec provide very different kinds of security) and also various ideas riffing on the old Perspectives project. Hell, I'm even curious about DNS-over-Gemini. I'll write about all this in due time. Cheers, Solderpunk
Hi, Jason McBrayer <jmcbray at carcosa.net> writes: > southerntofu at thunix.net writes: > >> Using DANE to distribute certificates reduces the attack >> surface, because the >> DNS is already a SPOF for a gemini server. I personally believe >> the gemini spec >> should strongly encourage admins to use DANE to distribute >> their server >> certificates. > > Could you provide a minimal sample implementation of how a > client would > implement this? Just to demonstrate feasibility and to provide a > guide > to other client authors? I can't give a reference implementation, but as far as I know DANE can be almost 100% delegated to OpenSSL or GNUTLS. The DANE User Mailing List <https://mail.sys4.de/mailman/listinfo/dane-users> is a good place to get implementation help, sometimes directly from the RFC and OpenSSL authors. Greetings Carsten
---
Previous Thread: More silly text/gemini spec proposals
Next Thread: Syntax highlighting for GtkSourceView (GNOME Builder, gedit)