In a DANE world, every TLS certificate for a site under .COM is validated through the DNS, and the USG, which controls the DNS for .COM, can silently swap in its own identity for that of any of those sites.
They don't get the bits of your private key exponent. They don't need them; the DNSSEC key escrow system is subtle enough to let people think their secret keys matter.
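To make the trust dependency in the first paragraph concrete, here is an added example (not code from the thread's participants) of a minimal DANE-EE (usage 3) check: TLSA record data is built from a certificate per RFC 6698, and validation succeeds for whatever certificate the signed zone currently names. The certificates, the owner name and the zone dictionaries are constructed placeholders; the DNSSEC signature check is assumed to have already passed, which is exactly why the zone signer decides the outcome.

```python
import hashlib
import hmac
import struct

# Constructed stand-ins for DER-encoded certificates (not real X.509 data);
# selector 0 treats the certificate as an opaque byte string, so that is enough.
SITE_CERT = b"\x30\x82" + b"site-operator-certificate".ljust(64, b"\x00")
SWAPPED_CERT = b"\x30\x82" + b"zone-controller-certificate".ljust(64, b"\x00")

def tlsa_rdata(usage, selector, mtype, cert_der):
    """Build TLSA RDATA (RFC 6698 s.2.1): usage, selector, matching type, data.
    Only selector 0 (full certificate) is implemented; selector 1 (SPKI) would
    need DER parsing and is left out."""
    if selector != 0:
        raise ValueError("only selector 0 implemented in this example")
    if mtype == 0:
        assoc = cert_der                          # exact match
    elif mtype == 1:
        assoc = hashlib.sha256(cert_der).digest()
    elif mtype == 2:
        assoc = hashlib.sha512(cert_der).digest()
    else:
        raise ValueError("unknown matching type")
    return struct.pack("!BBB", usage, selector, mtype) + assoc

def tlsa_matches(rdata, cert_der):
    """True if the presented certificate matches one TLSA record."""
    usage, selector, mtype = struct.unpack("!BBB", rdata[:3])
    expected = tlsa_rdata(usage, selector, mtype, cert_der)[3:]
    return hmac.compare_digest(rdata[3:], expected)

def dane_validate(zone, owner, cert_der):
    """DANE-EE check: accept the certificate if any usage-3 TLSA record at the
    owner name matches it. `zone` stands for the DNSSEC-validated answer set;
    no CA is consulted, so the signed zone contents are the whole trust anchor."""
    records = zone.get(owner, [])
    return any(rd[0] == 3 and tlsa_matches(rd, cert_der) for rd in records)

OWNER = "_443._tcp.www.example.com."   # hypothetical TLSA owner name
# Zone as the site operator publishes it.
OPERATOR_ZONE = {OWNER: [tlsa_rdata(3, 0, 1, SITE_CERT)]}
# The same zone after whoever controls the signed zone replaces the record:
# the validator cannot tell the two apart, it only sees valid signatures.
SWAPPED_ZONE = {OWNER: [tlsa_rdata(3, 0, 1, SWAPPED_CERT)]}
```

The operator's own certificate fails against SWAPPED_ZONE and the substituted one passes, which is the property the paragraph above is objecting to; Certificate Transparency-style logging of what a zone publishes is the detection side of that problem.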
In a CA world, every TLS certificate for a site under . is validated through trusting the CA, and the USG, which controls various CAs capable of issuing certificates for any site, can silently swap in its own identity for that of any of those sites.
They don't get the bits of your private key exponent. They don't need them; the CA key escrow system is subtle enough to let people think their secret keys matter.
And? The CA system is already deployed. DNSSEC is not. Why would we deploy another compromised PKI, one that can't be separated from governments, one that would force most huge sites to abandon their current domains to avoid USG spying, when we could spend a fraction of that energy getting CT deployed?
I readily accept that we need Certificate Transparency deployed, not least to deter malfeasance in the DNS (which is a more tractable problem as the list of TLDs is relatively small and well known in advance). Hopefully you also accept that DNSSEC (or something very similar to it) is needed to ensure the integrity of DNS responses (and to give us authenticated denial of existence, and so on).
The question then becomes "Is the amount of work to use DANE on top of DNSSEC (and potentially changing the TLD of my domains, depending on my threat model) too great to justify the extra security of being insulated from malfeasance by unrelated third parties (i.e. any of the CAs in the world)?"
I think that reasonable people can disagree about both the amount of work and the amount of extra security, and it is probably a different balance for each domain being considered. I don't think it is reasonable, though, to say that DANE as a technology shouldn't exist and be available to people who would benefit from it.
No, I do not accept that something like DNSSEC is needed. I do not think the DNS needs integrity. I think the CA system needs to be repaired, and then we need to stop pretending that the DNS is more important than it actually is. After all, we don't have plans to create "ARPSEC" or "DHCPSEC", either.
Nobody benefits from DANE. DANE takes the existing broken CA system we have now, retains it, because a large fraction of the deployed base of browsers can't actually handle DANE lookup queries, and then adds a new hierarchical PKI that is suborned by governments from the very beginning.
There is no amount of extra work we should spend to deploy DANE or DNSSEC. In fact: the potential deployment of DANE merits some work to prevent it from happening.