Question about host certificates

Damien Miller djm at mindrot.org
Wed Jun 16 12:31:12 EST 2010


On Tue, 15 Jun 2010, Iain Morgan wrote:

> > It will also follow PTR records though, so it would be vulnerable to
> > DNS spoofing. I suppose once could add a heuristic that it is only used
> > IFF the original hostname is unqualified AND matches the first component
> > of the qualified hostname returned via AI_CANONNAME but that seems a
> > little hacky...
> 
> Does it only follow PTR records if the first argument is an explicit IP
> address? If so, we could test whether the supplied hostname is really an
> IP address and skip setting AI_CANONNAME.

oops, I meant CNAME records and not PTR. E.g. resolving "www.mindrot.org"
with AI_CANONNAME returns "natsu.mindrot.org" in the ai_canonname field.

$ dig +short www.mindrot.org cname
natsu.mindrot.org.

My concern is that an adversary could spoof a DNS response and inject
their own hostname. They would be limited to a repertoire of hostnames
that are already trusted by certificate, but this could be used to
leverage one compromised hostkey + DNS injection into a MITM against any
certificate signed by a trusted CA.

I guess it is probably not a good idea for this reason :(

-d


More information about the openssh-unix-dev mailing list