💾 Archived View for gemi.dev › gemini-mailing-list › 000163.gmi captured on 2024-05-12 at 15:59:16. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-12-28)

-=-=-=-=-=-=-

Trust model for addresses and certificates (DANE etc..)

1. southerntofu (a) thunix.net (southerntofu (a) thunix.net)

Hey,

I've been following Gemini from afar, that's a really cool project you've 
got! I'm curious about the threat model with gemini and how we can 
increase security in ways that are not user-hostile, and do not 
concentrate power in the hands of third parties.

A TOFU approach to certificates (trust on first use, i.e. blind trust) can 
be easier to deal with, but strongly lacks any security guarantee. 
Especially, so far user agents of all sorts have been terrible at making a 
UX to inspect and verify server/peer certificates, so i think it's not so good.

DANE is a RFC that describes how to distribute TLS public keys over the 
DNS (+ DNSSEC). It consists of TLSA records containing the server's public 
key, which can also be CNAME'd to, like in the example in the spec:

      example.com.                IN MX 0 mx1.example.com.
      example.com.                IN MX 0 mx2.example.com.
      _25._tcp.mx1.example.com.   IN CNAME tlsa201._dane.example.com.
      _25._tcp.mx2.example.com.   IN CNAME tlsa201._dane.example.com.
      tlsa201._dane.example.com.  IN TLSA 2 0 1 e3b0c44298fc1c149a...

Using DANE to distribute certificates reduces the attack surface, because 
the DNS is already a SPOF for a gemini server. I personally believe the 
gemini spec should strongly encourage admins to use DANE to distribute 
their server certificates.

A different approach to this problem is the GNU Name System, which is a 
DNS-compatible, fully autonomous and secure naming system: 
https://datatracker.ietf.org/doc/draft-schanzen-gns/

GNS has much stronger security guarantees than DNSSEC, which is ideal for 
bootstrapping a secure connection to a remote server. It's also entirely 
decentralized and name seizures are made impossible by introducing 
cryptographic forms of zone delegation (instead of IP-based delegation as 
DNS does). I would recommend people investigate it, because interpersonal 
concerns set aside, GNS is in my view the best proposal for a secure, 
censorship-free naming system.

There was a presentation at ICANN about GNS, which you can view here: 
https://git.gnunet.org/gnunet-videos-2019.git/plain/ICANN66/GNU_Name_System
_-_2019_ICANN66__Martin_Schanzenbach.webm

I hope this message brings you food for thought. Long live the free 
internet, burn all prisons and borders!

Link to individual message.

2. Jason McBrayer (jmcbray (a) carcosa.net)

southerntofu at thunix.net writes:

> Using DANE to distribute certificates reduces the attack surface, because the
> DNS is already a SPOF for a gemini server. I personally believe the gemini spec
> should strongly encourage admins to use DANE to distribute their server
> certificates.

Could you provide a minimal sample implementation of how a client would
implement this? Just to demonstrate feasibility and to provide a guide
to other client authors?

-- 
+-----------------------------------------------------------+  
| Jason F. McBrayer                    jmcbray at carcosa.net  |  
| If someone conquers a thousand times a thousand others in |  
| battle, and someone else conquers himself, the latter one |  
| is the greatest of all conquerors.  --- The Dhammapada    |

Link to individual message.

3. solderpunk (solderpunk (a) SDF.ORG)

On Fri, May 29, 2020 at 04:29:46AM -0400, southerntofu at thunix.net wrote:
> Hey,

Hey!

I'm too bummed out over this data:// URL nonsense to give a detailed
response to this right now, but let me quickly say:  I am a big fan of
DANE, and I'm aware of an unhappy about the sad state of affairs which
is DNS security.  I'm very reluctant to spec any of it because the
implementation burden is *heavy*, but I have big plans to stick all
kinds of stuff into AV-98 in the future to reduce the risk associated
with the initial TOFU acceptance.  This includes looking for DANE
records (ideally over DNScrypt, so that even in the absence of DNSSEC
there is *some* extra security - and, yes, I realise that DNScrypt and
DNSsec provide very different kinds of security) and also various ideas
riffing on the old Perspectives project.  Hell, I'm even curious about
DNS-over-Gemini.  I'll write about all this in due time.

Cheers,
Solderpunk

Link to individual message.

4. Carsten Strotmann (carsten (a) strotmann.de)

Hi,

Jason McBrayer <jmcbray at carcosa.net> writes:

> southerntofu at thunix.net writes:
>
>> Using DANE to distribute certificates reduces the attack 
>> surface, because the
>> DNS is already a SPOF for a gemini server. I personally believe 
>> the gemini spec
>> should strongly encourage admins to use DANE to distribute 
>> their server
>> certificates.
>
> Could you provide a minimal sample implementation of how a 
> client would
> implement this? Just to demonstrate feasibility and to provide a 
> guide
> to other client authors?

I can't give a reference implementation, but as far as I know DANE 
can
be almost 100% delegated to OpenSSL or GNUTLS.

The DANE User Mailing List
<https://mail.sys4.de/mailman/listinfo/dane-users> is a good place 
to
get implementation help, sometimes directly from the RFC and 
OpenSSL
authors.

Greetings

Carsten

Link to individual message.

---

Previous Thread: More silly text/gemini spec proposals

Next Thread: Syntax highlighting for GtkSourceView (GNOME Builder, gedit)