Add support to ICANN/IANA domains into Convergence ?

khal
Site Admin
Posts: 708
Joined: Mon May 09, 2011 5:09 pm
os: linux

Add support to ICANN/IANA domains into Convergence ?

Post by khal »

I open this topic to discuss this possibility, to see if and how it would be feasible and/or useful.

As it won't be possible to register those names in namecoin directly (because anybody could squat an existing domain), we will have to find a way to do the matching between an ICANN domain and an arbitrary namecoin record (with a TXT record and a signature in the ICANN zone for example).

Convergence would need to be able to remember this matching (by caching it like it does for fingerprints ?) for performance reasons.

The debate is open :p
NamecoinID: id/khal
GPG : 9CC5B92E965D69A9
NMC: N1KHAL5C1CRzy58NdJwp1tbLze3XrkFxx9
BTC: 1KHAL8bUjnkMRMg9yd2dNrYnJgZGH8Nj6T

Register Namecoin domains with BTC
My bitcoin Identity - Send messages to bitcoin users
Charity Ad - Make a good deed without paying a cent

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: Add support to ICANN/IANA domains into Convergence ?

Post by moa »

So I'm a little unclear on what advantages this brings ... does it mean non ".bit" names can then use the self-signed TLS (nmcsec) biolizard has operational ... or something else also?

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Add support to ICANN/IANA domains into Convergence ?

Post by phelix »

You want to add Namecoin TLS support to ordinary domains? Good idea but how to make it secure?

How to make the connection from xkcd.com to the TLS record?
khal wrote: As it won't be possible to register those names in namecoin directly (because anybody could squat an existing domain), we will have to find a way to do the matching between an ICANN domain and an arbitrary namecoin record (with a TXT record and a signature in the ICANN zone for example).
Aha. Had not even known this was possible.
khal wrote: Convergence would need to be able to remember this matching (by caching it like it does for fingerprints ?) for performance reasons.
Just like normal DNS caching? Not sure if you mean the additional ICANNot info or the Namecoin record?
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

khal
Site Admin
Posts: 708
Joined: Mon May 09, 2011 5:09 pm
os: linux

Re: Add support to ICANN/IANA domains into Convergence ?

Post by khal »

moa wrote:So I'm a little unclear on what advantages this brings ... does it mean non ".bit" names can then use the self-signed TLS (nmcsec) biolizard has operational ... or something else also?
Yes, my idea is to use nmcsec to also validate non .bit domains (using self-signed certs or not).
Not sure if possible/secure for now.

From previous discussions I had with biolizard, we arrived at the conclusion that it was not a good idea for security reasons to support certificate authorities for .bit domains (a certificate signed by another certificate in namecoin). Biolizard, if you remember why, it would help this discussion :p

phelix wrote:You want to add Namecoin TLS support to ordinary domains? Good idea but how to make it secure?

How to make the connection from xkcd.com to the TLS record?
Yep.

Here is how it could be done (only one way to do it I guess, maybe not a perfect one) :
1. Convergence receives a request for "http://dot-bit.org"
2. It then makes a DNS request to get the TXT records for dot-bit.org
3. If it contains a nmcsig and a namecoin name, verify it with namecoin (requires namecoin-qt in daemon mode or the future namecoin 0.8 :p) otherwise it'll process it the normal way
4. if the sig is correct, use the sha1 fingerprint of this namecoin name to check against the dot-bit.org certificate
5. the domain + the fingerprint is cached in Convergence (already working like that), so, next request will reuse this directly

Weak points :
- the DNS request for the TXT record is not secured => Convergence allows us to check the record against several notaries (not sure it really works like that, would need to be checked)
- what is the result if someone puts the fingerprint of a CA in namecoin
- domain owner can't provide a valid certificate for people not using Convergence (but we could check the certificate of dot-bit.bit instead of dot-bit.org in the step 4 to provide a second certificate for Convergence, once the sig is verified)
- else ?
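The five-step check khal outlines above, sketched as an added Python example (not code from the thread, Convergence or Namecoin). The TXT layout `nmc=<name>;nmcsig=<sig>`, the three injected callables and all sample values are assumptions made for illustration; the signature check is a stub standing in for the namecoin daemon.

```python
import hashlib

def parse_binding(txt_records):
    """Return (namecoin_name, nmcsig) from TXT strings, or None if absent."""
    for txt in txt_records:
        fields = dict(p.split("=", 1) for p in txt.split(";") if "=" in p)
        if "nmc" in fields and "nmcsig" in fields:
            return fields["nmc"], fields["nmcsig"]
    return None

class BindingValidator:
    def __init__(self, get_txt, verify_sig, get_fingerprint):
        self.get_txt = get_txt                  # step 2: DNS TXT lookup (unsecured)
        self.verify_sig = verify_sig            # step 3: namecoin daemon check (stub)
        self.get_fingerprint = get_fingerprint  # step 4: fingerprint stored under the name
        self.cache = {}                         # step 5: domain -> pinned fingerprint

    def check(self, domain, der_cert):
        presented = hashlib.sha1(der_cert).hexdigest()
        if domain in self.cache:                # cached pin wins over a fresh DNS answer
            return "ok" if self.cache[domain] == presented else "mismatch"
        binding = parse_binding(self.get_txt(domain))
        if binding is None:
            return "fallback"                   # no binding seen: normal processing
        name, sig = binding
        if not self.verify_sig(name, domain, sig):
            return "bad-signature"
        expected = self.get_fingerprint(name).replace(":", "").lower()
        if expected != presented:
            return "mismatch"
        self.cache[domain] = presented
        return "ok"

def demo():
    # Constructed sample data; not real records, signatures or certificates.
    good, other = b"constructed-cert-A", b"constructed-cert-B"
    names = {"d/dot-bit": hashlib.sha1(good).hexdigest()}
    dns = {"dot-bit.org": ["nmc=d/dot-bit;nmcsig=SIG-PLACEHOLDER"]}
    make = lambda: BindingValidator(
        lambda d: dns.get(d, []),
        lambda n, d, s: (n, d, s) == ("d/dot-bit", "dot-bit.org", "SIG-PLACEHOLDER"),
        lambda n: names[n])
    v = make()
    results = [v.check("dot-bit.org", good), v.check("dot-bit.org", other)]
    dns["dot-bit.org"] = []                             # TXT record stripped in transit
    results.append(v.check("dot-bit.org", other))       # cached pin still applies
    results.append(make().check("dot-bit.org", other))  # first visit: silent fallback
    return results

if __name__ == "__main__":
    print(demo())
```

The last two results illustrate the first weak point in the list: a cached pin survives a stripped TXT record, while a first visit with no TXT record silently drops to normal processing.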

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: Add support to ICANN/IANA domains into Convergence ?

Post by biolizard89 »

khal wrote:
moa wrote:So I'm a little unclear on what advantages this brings ... does it mean non ".bit" names can then use the self-signed TLS (nmcsec) biolizard has operational ... or something else also?
Yes, my idea is to use nmcsec to also validate non .bit domains (using self-signed certs or not).
Not sure if possible/secure for now.

From previous discussions I had with biolizard, we arrived at the conclusion that it was not a good idea for security reasons to support certificate authorities for .bit domains (a certificate signed by another certificate in namecoin). Biolizard, if you remember why, it would help this discussion :p
If I recall correctly, the problem with using CA's for .bit was that if the CA got compromised or was malicious, it could compromise a large number of .bit sites and the end user visiting the site would have no way to know that this was a risk.
khal wrote:
phelix wrote:You want to add Namecoin TLS support to ordinary domains? Good idea but how to make it secure?

How to make the connection from xkcd.com to the TLS record?
Yep.

Here is how it could be done (only one way to do it I guess, maybe not a perfect one) :
1. Convergence receives a request for "http://dot-bit.org"
2. It then makes a DNS request to get the TXT records for dot-bit.org
3. If it contains a nmcsig and a namecoin name, verify it with namecoin (requires namecoin-qt in daemon mode or the future namecoin 0.8 :p) otherwise it'll process it the normal way
4. if the sig is correct, use the sha1 fingerprint of this namecoin name to check against the dot-bit.org certificate
5. the domain + the fingerprint is cached in Convergence (already working like that), so, next request will reuse this directly

Weak points :
- the DNS request for the TXT record is not secured => Convergence allows us to check the record against several notaries (not sure it really works like that, would need to be checked)
- what is the result if someone puts the fingerprint of a CA in namecoin
- domain owner can't provide a valid certificate for people not using Convergence (but we could check the certificate of dot-bit.bit instead of dot-bit.org in the step 4 to provide a second certificate for Convergence, once the sig is verified)
- else ?
If this proposal can be broken by DNS records being compromised, how is it superior to embedding TLS fingerprints in a DNSSEC record? I believe Chrome already has support for reading TLS fingerprints from DNSSEC. Maybe I'm just not understanding your proposal.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: Add support to ICANN/IANA domains into Convergence ?

Post by phelix »

biolizard89 wrote: [...]
If this proposal can be broken by DNS records being compromised, how is it superior to embedding TLS fingerprints in a DNSSEC record? I believe Chrome already has support for reading TLS fingerprints from DNSSEC. Maybe I'm just not understanding your proposal.
this

khal
Site Admin
Posts: 708
Joined: Mon May 09, 2011 5:09 pm
os: linux

Re: Add support to ICANN/IANA domains into Convergence ?

Post by khal »

biolizard89 wrote: If this proposal can be broken by DNS records being compromised, how is it superior to embedding TLS fingerprints in a DNSSEC record? I believe Chrome already has support for reading TLS fingerprints from DNSSEC. Maybe I'm just not understanding your proposal.
Firefox is able to support self-signed certificates with fingerprints in a DNS record (TLSA) & DNSSEC, with a plugin :
https://os3sec.org/

This feature seems to have been removed from Chrome :
https://www.imperialviolet.org/2011/06/ ... hrome.html


Most people don't use DNSSEC on their domains/browsers, so, that's why the Convergence plugin exists too (skipping CA is the other reason).
Of course, using notaries is not perfectly secure : if your whole internet connection is under the control of someone else, it's ended, if at least 1 DNS server replies with something different I guess Convergence will report an error. But, it can still be used as a less secure replacement for DNSSEC, particularly when there is no DNSSEC.

This does not mean that using DNSSEC is a bad idea, of course, but for now, Convergence does not support it, and browsers don't support TLSA records natively (so, no auto-validated self-signed certificates).
An interesting work would be to merge the code of https://os3sec.org/ into Convergence, but this wouldn't solve any problem for domains not signed with DNSSEC.

From all the previous remarks/posts, I can deduce the following question :
* Would it be interesting to have this system for non .bit domains ?
- less secure than DNSSEC (using notaries) if Convergence does not support DNSSEC (the browser couldn't do a DNSSEC request first and if there is no TLSA record give the request to Convergence, so, this would break DNSSEC ? Does Convergence really work like that ?)
- as secure as DNSSEC if we add DNSSEC support to Convergence
- more secure if the domain/browser does not support DNSSEC (by using notaries instead of 1 DNS server & tls fingerprint in DNS records)
- that would allow to skip CA
- that would allow to use self-signed certificates
