From: phantomcircuit <phantomcircuit@covertinferno•org>
To: bitcoin-development <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] bitcoin DNS addresses
Date: Tue, 26 Jul 2011 18:32:17 +0200 [thread overview]
Message-ID: <l4cw5stpdjpdbdmn4a4mplch.1311697801540@email.android.com> (raw)
dns resolution is far simpler to implement than properly checking the https certificate chain
Matt Corallo <bitcoin-list@bluematt•me> wrote:
>For some reason my mail client is being thick and not responding
>on-list, sorry about that...
>
>On Tue, 2011-07-26 at 08:34 -0700, Rick Wesson wrote:
>> > Most OSes dont do any resolving at all, they just query upstream
>> > resolvers. In the case of the coffee shop, that upstream resolver is
>> > the attacker. This attacker can easily just claim that the zone you
>> > requested is not DNSSEC signed and return their data and the OS will not
>> > be any wiser. AFAIK, most OSes dont have a mechanism to require the
>> > zone queried is DNSSEC signed meaning you have to implement a full DNS
>> > resolver in Bitcoin in order for it to be secure.
>>
>> Matt,
>>
>> The same attack can apply to https with a self signed cert where it is
>> the A record that is replaced by the attacker and the https request is
>> sent to evil.com's server which responds to the request with an answer
>> in the form you expect. This is what lots of malware does on windows
>> to steel bank login credentials, securing http doesn't prevent such an
>> attack.
>If you are using a self-signed cert to do any kind of important data
>transfer you are just being stupid. Here I am assuming your computer
>isnt actually compromised, but only the network is, which I think is a
>fairly good assumption.
>>
>> Windows has supported DNSSEC since 2008 as have most of the unix
>> variants, mac osx since 10.3 Android also seems to include DNSSEC
>> capable resolvers.
>>
>> If this thread is really about DNSSEC then we might move it to a more
>> appropriate forum for discussing how applications leverage DNS
>> security extensions. Its taken some years to get the specs done and
>> the root signed I expect it to take many more to enable the
>> applications to leverage the deployed infrastructure.
>No, DNSSEC is very well done, this thread is specifically about the
>security implications of using DNSSEC for Bitcoin address communication.
>IMO it is not a good idea, as for it to be secure against a coffee-shop
>network MITMer you have to implement a full resolver with root trust
>anchors and knowledge of root servers in Bitcoin, which does not seem
>like a good idea.
>>
>> I am interested in working on the issues surrounding usability and I
>> find that remembering and communicating a bitcoin address are current
>> limiting factors in the acceptance and deployment of this software. My
>> goal is for simpler user experience.
>I totally agree, however I don't think DNS-based resolving is a good
>idea here. HTTPS does have several advantages over a DNSSEC-based
>solution without any significant drawbacks that I can see.
>
>Matt
>
>------------------------------------------------------------------------------
>Magic Quadrant for Content-Aware Data Loss Prevention
>Research study explores the data loss prevention market. Includes in-depth
>analysis on the changes within the DLP market, and the criteria used to
>evaluate the strengths and weaknesses of these DLP solutions.
>http://www.accelacomm.com/jaw/sfnl/114/51385063/
>_______________________________________________
>Bitcoin-development mailing list
>Bitcoin-development@lists•sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/bitcoin-development
next reply other threads:[~2011-07-26 16:49 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-26 16:32 phantomcircuit [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-07-26 0:29 Rick Wesson
2011-07-26 1:35 ` Matt Corallo
2011-07-26 3:35 ` Rick Wesson
2011-07-26 4:22 ` Luke-Jr
2011-07-26 4:54 ` Rick Wesson
2011-07-26 6:18 ` Luke-Jr
2011-07-26 8:04 ` John Smith
2011-07-26 13:23 ` Matt Corallo
[not found] ` <CAJ1JLtvHubiC_f_a17fnXODs54CCdmxPf8+Zz4M5X9d8VEfFSQ@mail.gmail.com>
[not found] ` <1311691885.23041.2.camel@Desktop666>
[not found] ` <CAJ1JLtsLXEPFkBuHf6ZKUSVYUnY+NL7TtsEswGvdTYtrZZTXWw@mail.gmail.com>
2011-07-26 16:24 ` Matt Corallo
2011-07-26 16:50 ` Rick Wesson
2011-07-26 17:18 ` Matt Corallo
2011-07-30 11:34 ` Mike Hearn
2011-07-30 13:42 ` Rick Wesson
2011-07-30 14:07 ` Matt Corallo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=l4cw5stpdjpdbdmn4a4mplch.1311697801540@email.android.com \
--to=phantomcircuit@covertinferno$(echo .)org \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox