[theamk]

DNSSEC scares me. CAs are not perferct but they at least have some measure of accountability. Therr are many stories of CAs being removed from browsers, and many of them ended up ceasing operations whatsoever. The reason for that is CAs are interchangeable, if one goes back I can switch to other with almost no distruption.

Compare to DNSSEC which are designed to have single supplier. If a TLD registrar goes bad, what is going to happen? Moving to a new TLD is a huge deal, and affects everyone, including your customer. And browsers can't really ban an entire TLD like they ban CAs.

So yes, both CAs and DNSSEC have some problems. But one of them is pretty good and getting better the time (deprecation of old crypto, short-expiration certificates) while the other is stuck with ancient crypto, constant technical outages, and no chance of improvement.

[tialaramex]

The TLD registrar has enormous impact on you regardless of DNSSEC, and people just seem to put up with it, much as they put up with having an awful US state government, or a terrible HOA, or dozens of other problems.

For ccTLDs you could hope, especially if you are a citizen of the country encoded and it's a democracy, that you can vote for governments who require the TLD registrar to meet your needs. Will that work? Well, no worse than them ensuring adequate drinking water and that sort of thing.

TLDs seem primarily to be chosen for existing popularity, so no matter how badly COM is run, people will insist they want a .com domain, and then complain about how badly the TLD is run. I don't see DNSSEC ever making that substantially worse.

Suppose you paid $50 last year for theamk.example - what sort of abuses could the example TLD already do - ignoring DNSSEC entirely ?

Somebody has decided to register the\u{0251}mk.example, the\u{0431}mk.example and now the\u{ff41}mk.example - your TLD's policies say that they take this sort of thing "very seriously" and they try to ensure that after they've been paid in full for the domains they get around to removing these bogus sites used to attack your customers just as soon as you file the necessary paperwork, plus 90 days admin.

They might tell you that somebody else offered them $5000 for theamk.example and so too bad now it's not yours any more. Can you fight them? Yeah, and eventually you might even win, but meanwhile your domain isn't working. I hope you didn't need that.

Oops due to an "error" theamk.example just doesn't resolve any more. Don't worry though, they aim to fix such errors within 45 days. Or you can pay for $25 Expedited Support ?

Oh no, apparently "Theamk Inc." in Beijing says you are squatting on their rightful trademark which they registered last week in Bulgaria apparently. The TLD registrar has decided to immediately transfer your domain to them.

[theamk]

The important stuff is not just websites I host, but also websites I visit. And in all the scenarios you mention, I (and everyone else) would know that it happened very clearly, as it is basically denial of service attack. Even if this is a takeover event with almost-instantaneous replacement with the phishing page, the website owner would detect this and if the website is at least a bit popular, the news would definitely hit the HN top page :)

For an example, sr.ht is hosted by Haitian TLD but has Let's Encrypt CA. Thanks to CT logs, I trust that the connections are secure, and when I download software from it I am getting it from the rightful place. (Or not getting this at all because website is down. That's a nature of the web, things break)

But with DNSSEC? No assurances at all. Owner of .ha can be coerced or bribed by $(your least favorite nation) and this may never be detected, especially if this is a targeted attack to specific addresses. And even if detected, there will _still_ be people saying, "hopefully this does not affect me, I won't move domains and risk my search traffic".

And that's the reason that DNSSEC scares me and WebPKI does not.

[tialaramex]

Web PKI CAs aren't psychic, they just use DNS. So your claim ends up being that you believe DNS answers from the DNS can be tampered with by parties who control those answers (which includes the TLD registrar, this part checks out), but, somehow every Web PKI CA would know if this happened and disregard the results.

Not only is your claim obviously not true in principle, we know it's not true in practice, disrupted DNS causes real issuances which are let's say... suspicious. They're not mis-issuance under current policy because the Web PKI trusts the DNS, but they would trigger exactly the scenario you believe can't happen.

[nickf]

You're right of course, but there's progress being made to require multi-perspective verification (do DNS lookups from many different and ideally randomised locations, only issue if you get consensus). It's not perfect, but it's a great step in the right direction.

[yencabulator]

DNSSEC can be tampered without leaving a trail of evidence. If you MitM DNS for all the outbound IPs a CA uses, the end result of that gets logged in Certificate Transparency. And since 1) sites can and do monitor CT for their domains and 2) browsers demand the certificate has been submitted to CT, we know that e.g. google.com is not MitM'ed.