

Tutanota uses DANE on top of TLS; why doesn't everybody? - winst0n
https://tutanota.de/blog/posts/tutanota-uses-dane-on-top-of-ssl-pfs

======
markild
There's a few things I believe would really help getting DANE rolled out.

As far as I know, there's really no "out of the box" validation for end users.
The web browsers will have to make the validation, or failed validation,
visible for people to care enough to implement it.

Although DNSSEC is becoming more and more commonplace, it still seems that in
a lot of places, you'll have to throw up your own DNS-server to be able to use
it. Make it simpler to implement, and you'll probably see a lot more people
starting to use it.

Also, just to clarify, DANE doesn't _solve_ the CA-problem. You're now putting
all your trust into it being hard to both issue a valid certificate and
compromise the DNS chain.

~~~
blfr
It would solve the problem partially. Currently, every trusted CA can issue a
certificate for any domain. Registries would be limited to tampering with the
TLDs they control.

You wouldn't need to worry that DigiNotar or China Internet Network
Information Center start issuing certs for your domain unless you're using .nl
or .cn. The TLD itself would be a visible indicator of how much trust a user
should offer.

~~~
markild
Absolutely. I would be a huge improvement.

I'm thinking more in the lines of stopping three-letter agencies from doing
MITM. I don't know if it's actually possible to prove the integrity of the
root nodes.

------
kpcyrd
Depends on your threat model. If you're afraid of somebody snooping on your
wifi, TLS alone is sufficient. If you're afraid of government surveillance,
DANE is useless because it's relying on DNSSEC, which has a government
backdoor by design.

------
ritonlajoie
I have some 'outdated' and 'obsolete crypto' warning in chrome, about their
certificate. I am using Chrome 42.0.2311.135 on Windows 7.

Here is the message:
[https://i.imgur.com/SnMQWU9.png](https://i.imgur.com/SnMQWU9.png)

Compared to HN :
[https://i.imgur.com/5iphbCq.png](https://i.imgur.com/5iphbCq.png)

For a 'super secure' email, this sounds strange ? Why are they using an
insecure and obsolete key exchange mechanizm ?

~~~
kpcyrd
Their chain of trust contains a certificate that's using sha1, which is
deprecated[0]

[0]: [http://shaaaaaaaaaaaaa.com/](http://shaaaaaaaaaaaaa.com/)

