[tptacek]

This is a topic I obviously pay a lot of attention to. Wouldn't it be weirder if I came here with a different take? What do you expect?

I don't think I'm out on a limb suggesting that random small domains should not enable DNSSEC. There's basically zero upside to it for them. I think there's basically never a good argument to enable it, but at least large, heavily targeted sites have a colorable argument.

[tialaramex]

Actually I think it probably is suspicious to have the exact same opinion after studying something over a long period of time. My opinions are more likely to remain consistent, rather than growing more nuanced or sophisticated, if all I've done is trot out the same responses over a longer period of time.

I've struggled to think of an especially unexamined example because after all they tend to sit out of conscious recall, I think the best I can do is probably that my favourite comic book character is Miracleman's daughter, Winter Moran. That's a consistent belief I've held for decades, I haven't spent a great deal of time thinking about it, but it's not entirely satisfactory and probably there is some introduced nuance, particularly when I re-examined the contrast between what Winter says about the humans to her father and what her step-sister Mist later says about them to her (human) mother because I was writing an essay during lockdown.

[staticassertion]

> Actually I think it probably is suspicious to have the exact same opinion after studying something over a long period of time.

This seems really odd, probably fundamentally incorrect. "Believing something over time means it is less likely that you are engaging in good faith"? Totally insane take.

[tialaramex]

On the contrary it's suspicious if I happened to guess exactly right with much less data and so have the same conclusion after learning more. I suggest that the more likely reason is that I didn't learn anything at all.

[staticassertion]

> On the contrary it's suspicious if I happened to guess exactly right with much less data and so have the same conclusion after learning more.

No it isn't? If I guess what time it is and then look and see that it's around sunset, which is evidence towards my initial guess being right, it is not "suspicious". This is just a fundamentally broken model of evidence.

[gucci-on-fleek]

> I don't think I'm out on a limb suggesting that random small domains should not enable DNSSEC. There's basically zero upside to it for them.

DNSSEC is great for super tiny sites. I only run a single server, but it's strongly recommended that every domain has at least two independent nameservers, ideally with anycasted IPs. DNSSEC lets me fully self-host my DNS, while also letting me add secondary mirrors to get the additional independent nameservers.

Of course, you can add secondary mirrors without DNSSEC (and this is still quite common), but DNSSEC means that I don't have to trust these mirrors [0], since DNSSEC means that they can't forge invalid responses without my private key. I'd almost argue that if you're using secondary mirrors without DNSSEC enabled, then you're not "really" self-hosting, since you're completely reliant on the third-party mirrors being trustworthy.

For larger sites that can afford multiple independent nameservers or for anyone who wants to use a hosted DNS service, then DNSSEC probably offers fewer benefits, since in those cases you're presumably able to trust all your nameservers.

[0]: Well, I still need to trust them a little bit for non-DNSSEC-supporting clients, but most of the major resolvers support DNSSEC these days. And even then, this makes an attack much more detectable than it would be otherwise.

[cyberax]

> I don't think I'm out on a limb suggesting that random small domains should not enable DNSSEC.

Why? I can see this argument for large domains that might be using things like anycast and/or geography-specific replies. But for smaller domains?

> There's basically zero upside to it for them.

It can reduce susceptibility to automated wormable attacks. Or to BGP-mediated attacks.

[tptacek]

Explain the "wormable attack" DNSSEC addresses? I feel pretty well read into wormability, having done a product in the space.

[cyberax]

The vast majority of Let's Encrypt installations don't use CAA records or anything in DNS. Or they host the DNS along with the HTTPS servers.

So if the router between the web server and the Internet is compromised, it can just get trusted certs for all the HTTPS traffic going through it, enabling transparent MITM to inject its payload.

[tptacek]

"The web server"? Which web server? Are the HTTP flows with executable content going to the web server or coming from it? I'm sorry, you haven't really cleared this up.

[cyberax]

Any web server. Just imagine a worm getting onto a company's router and starting to transparently MITM traffic. Jabber.ru experienced such an attack, apparently.

[gzread]

This happened: https://notes.valdikss.org.ru/jabber.ru-mitm/

[akerl_]

I touched on this in the parallel comment where you linked this, but worth noting that DNSSEC does not solve this threat model, because re-routing the destination of legitimate IP addresses does not rely on modifying DNS responses.

[cyberax]

It does solve it. Unless you know my private key, you can't fake the DNSSEC signatures. The linking DS records in the TLD are presumably out of your control and in future can be audited through something like Certificate Transparency logs.

So even if you fully control the network path, you will somehow have to get access to my private key material.

[indolering]

It would make them more secure and less vulnerable to attacks. But lazy sysadmins and large providers are too scared to do anything, in no small part due to your ... incorrect arguments against it.

[tptacek]

No it wouldn't? How exactly would it make them more secure? It makes availability drastically more precarious and defends against a rare, exotic attack none of them actually face and which in the main is conducted by state-level adversaries for whom DNSSEC is literally a key escrow system. People are not thinking this through.

[indolering]

Boy, how would cryptographically the ROOT of the internet make it more secure? Right here dude: https://easydns.com/blog/2015/08/06/for-dnssec/

[growse]

That entire post is that you should enable DNSSEC because it's "more secure", and there are no reasons not to.

"More secure" begs the question "against what?", which the blog post doesn't seem to want to go into. Maybe it's secure from hidden tigers.

My favourite DNSSEC "lolwut" is about how people argue that it's something "NIST recommends", whilst at the same time the most recent major DNSSEC outage was......... time.nist.gov! (https://ianix.com/pub/dnssec-outages.html)

[gzread]

DNSSEC is to DNS what HTTPS is to HTTP, so most of these kinds of questions can be answered by asking yourself the same questions about HTTPS.

[tptacek]

You keep waving this blog post from 2015 at me. Not only have we discussed it before, but it was a top-level HN post with 79 comments, many of them from me.

Please don't stealth-edit your posts after I respond to them. If you need to edit, just leave a little note in your comment that you edited it.

[indolering]

Sorry, I thought my edit was fast enough.

Yes it did hit HN and you just said, "I stand by what I wrote." and then complain about buggy implementations and downtime connected to DNSSEC. As if that isn't true for all technologies, let alone /insecure/ DNS. DNS is connected to a lot of downtime because it undergirds the whole internet. Making the distributed database that delegates domain authority cryptographically secure makes everything above it more secure too.

I rebutted your arguments point-by-point. You don't update your blog post to reflect those arguments nor recent developments, like larger key sizes.

[tptacek]

Did you write the article?