1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <bitcoin-list@bluematt.me>) id 1QlkR8-0003po-Vy
for bitcoin-development@lists.sourceforge.net;
Tue, 26 Jul 2011 16:24:50 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of bluematt.me
designates 208.79.240.5 as permitted sender)
client-ip=208.79.240.5; envelope-from=bitcoin-list@bluematt.me;
helo=smtpauth.rollernet.us;
Received: from smtpauth.rollernet.us ([208.79.240.5])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.76) id 1QlkR6-0003cx-LO
for bitcoin-development@lists.sourceforge.net;
Tue, 26 Jul 2011 16:24:50 +0000
Received: from smtpauth.rollernet.us (localhost [127.0.0.1])
by smtpauth.rollernet.us (Postfix) with ESMTP id B7D3F594015
for <bitcoin-development@lists.sourceforge.net>;
Tue, 26 Jul 2011 09:24:28 -0700 (PDT)
Received: from mail.bluematt.me (mail.bluematt.me [IPv6:2001:470:9ff2:2::13])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
(Authenticated sender: @bluematt.me)
by smtpauth.rollernet.us (Postfix) with ESMTPSA
for <bitcoin-development@lists.sourceforge.net>;
Tue, 26 Jul 2011 09:24:28 -0700 (PDT)
Received: from [IPv6:2001:470:9ff2:1:2c0:caff:fe33:858b] (unknown
[IPv6:2001:470:9ff2:1:2c0:caff:fe33:858b])
by mail.bluematt.me (Postfix) with ESMTPSA id 059182D9
for <bitcoin-development@lists.sourceforge.net>;
Tue, 26 Jul 2011 18:24:36 +0200 (CEST)
From: Matt Corallo <bitcoin-list@bluematt.me>
To: bitcoin-development <bitcoin-development@lists.sourceforge.net>
In-Reply-To: <CAJ1JLtsLXEPFkBuHf6ZKUSVYUnY+NL7TtsEswGvdTYtrZZTXWw@mail.gmail.com>
References: <CAJ1JLts5_r6hHoJR-gS-CuuvS00p=RQ6iYbCyOkBDcvgs1xtew@mail.gmail.com>
<1311644156.29866.4.camel@Desktop666>
<CAJ1JLts9vcF7bGo8udK9OicWhAUHvmeFDrZQDKBoGQbp-nYGrw@mail.gmail.com>
<1311678417.21495.9.camel@Desktop666>
<CAJ1JLtvHubiC_f_a17fnXODs54CCdmxPf8+Zz4M5X9d8VEfFSQ@mail.gmail.com>
<1311691885.23041.2.camel@Desktop666>
<CAJ1JLtsLXEPFkBuHf6ZKUSVYUnY+NL7TtsEswGvdTYtrZZTXWw@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha1";
protocol="application/pgp-signature";
boundary="=-mrRW++YML4eQ5E/Rldjt"
Date: Tue, 26 Jul 2011 18:24:36 +0200
Message-ID: <1311697476.23041.7.camel@Desktop666>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.2
X-Rollernet-Abuse: Processed by Roller Network Mail Services. Contact
abuse@rollernet.us to report violations. Abuse policy:
http://rollernet.us/abuse.php
X-Rollernet-Submit: Submit ID 315.4e2eea3c.3d834.0
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1QlkR6-0003cx-LO
Subject: Re: [Bitcoin-development] bitcoin DNS addresses
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2011 16:24:51 -0000
--=-mrRW++YML4eQ5E/Rldjt
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
For some reason my mail client is being thick and not responding
on-list, sorry about that...
On Tue, 2011-07-26 at 08:34 -0700, Rick Wesson wrote:
> > Most OSes dont do any resolving at all, they just query upstream
> > resolvers. In the case of the coffee shop, that upstream resolver is
> > the attacker. This attacker can easily just claim that the zone you
> > requested is not DNSSEC signed and return their data and the OS will no=
t
> > be any wiser. AFAIK, most OSes dont have a mechanism to require the
> > zone queried is DNSSEC signed meaning you have to implement a full DNS
> > resolver in Bitcoin in order for it to be secure.
>=20
> Matt,
>=20
> The same attack can apply to https with a self signed cert where it is
> the A record that is replaced by the attacker and the https request is
> sent to evil.com's server which responds to the request with an answer
> in the form you expect. This is what lots of malware does on windows
> to steel bank login credentials, securing http doesn't prevent such an
> attack.
If you are using a self-signed cert to do any kind of important data
transfer you are just being stupid. Here I am assuming your computer
isnt actually compromised, but only the network is, which I think is a
fairly good assumption.
>=20
> Windows has supported DNSSEC since 2008 as have most of the unix
> variants, mac osx since 10.3 Android also seems to include DNSSEC
> capable resolvers.
>=20
> If this thread is really about DNSSEC then we might move it to a more
> appropriate forum for discussing how applications leverage DNS
> security extensions. Its taken some years to get the specs done and
> the root signed I expect it to take many more to enable the
> applications to leverage the deployed infrastructure.
No, DNSSEC is very well done, this thread is specifically about the
security implications of using DNSSEC for Bitcoin address communication.
IMO it is not a good idea, as for it to be secure against a coffee-shop
network MITMer you have to implement a full resolver with root trust
anchors and knowledge of root servers in Bitcoin, which does not seem
like a good idea.
>=20
> I am interested in working on the issues surrounding usability and I
> find that remembering and communicating a bitcoin address are current
> limiting factors in the acceptance and deployment of this software. My
> goal is for simpler user experience.
I totally agree, however I don't think DNS-based resolving is a good
idea here. HTTPS does have several advantages over a DNSSEC-based
solution without any significant drawbacks that I can see.
Matt
--=-mrRW++YML4eQ5E/Rldjt
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJOLuo7AAoJEBrh01BD4I5UI9EP/A8HUpPoMxlB7P6efE4J3H+1
qIht3qHMrXeJikhvCOIWi8cXKM/rgjPwlFcJue6SfZofckdL6qCdG1QwhfAPKAa9
M7IPvckULa5QuMV2fPcElaI6xJzDwmWE5XVdIqvknuBnSRbumN2H/F7CZexML6iL
zNKMu4QJoWyYofx5q7RjzPRrHfxV9uFnSG9AkYRRx5uIAyPs0GKq9UCIDKtLcTGC
vhjFzt8qujB+wR8Dz6e1wCtxxMLJaNuv0XD5vEpXiPJFJgO5wf8x2HSSnN2FAo6K
gXh6uo60hZtmSXu3dC1UdBWhfSa6fe98KdMoFAQAPFVBI/SNyH615n8uBdWGb4i+
7HSfIuqKyx6Z5UifV7sj+ISfxGDKKDb48DWcW6rNtSPvr+UXWbnQlAf2xjo5thMw
SmpC7wLigTWvwv+Y1p5DGdgwuq70pCvCuNi6VpB096SK7xk5r51L/a6LLu+FJcMN
8TUH6AzTS4Wx3XFYZ1P0HEjWjlkADjHsGTouhb6+WECj2xJLCrCO6z82ytIVgCur
r6+Dygz0xyUoK6ne7vRLMYwHaMyNxvu4OeV7Ctzzd4CWvfjRsjKqIEf8/UlsUWbs
YOuh3gHkXvgD2nuuVRkojFYnrb8XCGNEzODWxtYLhSIyClozZRD5iQeWpzxp6Vvu
+SNMMW+MuhUcMFPeNl5m
=+V3r
-----END PGP SIGNATURE-----
--=-mrRW++YML4eQ5E/Rldjt--
|