[theamk]

Yep: "don't deploy DNSSEC, rely on TLS"

[matthew9219]

TLS security is rooted in DNS. It's ACME DNS-01. If your threat model includes nation states, this is a non-solution

[rakoo]

Wrong, TLS security is independent from DNS. If my threat model includes nation states I'll trust my own certificates or my very own CA.

[teddyh]

By trusting certificates, you implicitly trust all CAs, not just your own.

[tptacek]

You trust your browser's root program, not "all CAs".

[teddyh]

That’s what a “CA” is. If someone is not in a browser’s CA list, they’re not a CA. So yes, you do trust all CAs.

[acdha]

That’s not all what CA means in standard usage. Terms like WebPKI exist specifically to make that distinction since, for example, the U.S. government runs its own certificate authorities which are trusted by millions of clients and even some mainstream software (Adobe) but not browsers. This is far from unique as far as governments go, and in some cases may even be required within a country.

[tptacek]

No, obviously, different TLS programs have different root programs.

[rakoo]

No, again in that threat model I can decide exactly which certificates and which CA I trust, one by one.

[shp0ngle]

If your threat includes nation states then DNSSEC is double-useless?

[Avamander]

If your threat model includes nation-states then DNSSEC won't help you either. WebPKI at least has a method for keeping track of and detecting misissuance, DNSSEC doesn't.