This is not related strictly to Let’s Encrypt, but TBH this idea came to my mind and I think this one is the proper community to share it.
What’s the real problem with self-signed certificates? It’s not that they don’t encrypt communications, but rather that you cannot trust that the site owner is the one signing them. Let’s Encrypt implements some protocols that verify that automatically, and thus you can trust that whoever is serving your request is who they claim to be.
However, imagine that we develop a protocol similar to SPF (for SMTP), based on this simple idea:
1. You create a TXT record on example.com, and it contains some kind of clause that indicates the public key of the CA that is allowed to sign certificates for this domain. We can call it something like ACA (Allowed Certificate Authorities). It could look similar to ACA V=1 S=0 PUBK=somelongpublickey (V for version, S for subdomains (to know if the same policy applies to subdomains), and PUBK for public keys allowed to sign certificates here).
2. The browser reaches your domain and gets a cert.
3. The browser asks for your TXT records and gets the ACA record.
4. The browser verifies the cert signature.
5. The browser knows the connection is trusted.
This way, communications would be secure, encrypted, verified, and decentralized.
It is proposed in RFC 6698 as a way to authenticate TLS client and server entities without a certificate authority (CA).
The major stumbling block with DANE is getting browsers to adopt it. Also, some people really don't like that it relies on DNSSEC. As @rg305 points out, you have to use something to make sure that the DNS records are authenticated.
This needs DNSSEC; there is still a certification authority somewhere. (Without DNSSEC, any DNS MITM can replace your certificate, and since most DNS MITMs are network operators, this is more dangerous than plain HTTP.)
Great! I knew I couldn't be the 1st person on Earth thinking about this...
OK, so if DANE were implemented and I set up a DNS server in my LAN, I could trick all clients behind it to make them believe they're contacting the expected DANE-secured website. Interesting... Indeed we need a 3rd party to verify this.
However, if with DNSSEC we can verify the DNS itself, it seems easier to just verify that than having to verify each cert for each site individually. DNS is untrusted? Then the DANE cert is treated just like a self-signed cert (browser warning, etc.). DNS is trusted? No need for external CA.
Well, I guess we have to leave the pros to continue this development. Thanks for your replies!
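The decision the thread converges on, as an added example (not code from any poster or from Let's Encrypt): a client matches the server's certificate against RFC 6698 TLSA records, and gives those records weight only when the DNS answer was DNSSEC-validated. The TLSA field layout (usage, selector, matching type) comes from RFC 6698 rather than from the thread; the certificate and key bytes are constructed placeholders, the result strings are this example's own, and only usage 3 (DANE-EE) is handled.

```python
import hashlib
import hmac
from typing import NamedTuple

class TLSA(NamedTuple):
    usage: int     # 3 = DANE-EE: the record pins the server's own certificate
    selector: int  # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int     # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes

def parse_tlsa(text: str) -> TLSA:
    """Parse TLSA presentation format: '<usage> <selector> <mtype> <hex>'."""
    parts = text.split()
    if len(parts) < 4:
        raise ValueError("expected usage, selector, matching type and data")
    usage, selector, mtype = (int(p) for p in parts[:3])
    return TLSA(usage, selector, mtype, bytes.fromhex("".join(parts[3:])))

def matches(rec: TLSA, cert_der: bytes, spki_der: bytes) -> bool:
    """Compare the selected part of the certificate with the record data."""
    selected = {0: cert_der, 1: spki_der}.get(rec.selector)
    hashers = {0: lambda b: b,
               1: lambda b: hashlib.sha256(b).digest(),
               2: lambda b: hashlib.sha512(b).digest()}
    if selected is None or rec.mtype not in hashers:
        return False  # unknown selector or matching type: record is unusable
    return hmac.compare_digest(hashers[rec.mtype](selected), rec.data)

def evaluate(records, dnssec_validated: bool, cert_der: bytes, spki_der: bytes) -> str:
    if not dnssec_validated:
        # Unauthenticated DNS: whoever controls the resolver could have
        # written these records, so they confer no trust at all.
        return "ignore-records"
    usable = [r for r in records if r.usage == 3]  # this example: DANE-EE only
    if not usable:
        return "no-usable-record"
    if any(matches(r, cert_der, spki_der) for r in usable):
        return "dane-authenticated"
    return "reject"  # validated records exist and none matches this certificate

# Constructed stand-ins for DER bytes; a real client takes them from the handshake.
CERT_DER = b"constructed-certificate-bytes"
SPKI_DER = b"constructed-public-key-bytes"
PUBLISHED = [parse_tlsa("3 1 1 " + hashlib.sha256(SPKI_DER).hexdigest())]

if __name__ == "__main__":
    print(evaluate(PUBLISHED, True, CERT_DER, SPKI_DER))      # genuine server
    print(evaluate(PUBLISHED, True, CERT_DER, b"other-key"))  # swapped key
    print(evaluate(PUBLISHED, False, CERT_DER, SPKI_DER))     # no DNSSEC
```

With "ignore-records" the client falls back to whatever it would do without DANE, which for a self-signed certificate is the usual browser warning.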