Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
silverwind 4 days ago

I agree, there needs to be a TLS without certificates. Pre-shared secrets would be much more convenient in many scenarios.

ryao 4 days ago | parent [-]

How about TLS without CAs? See DANE. If only web browsers would support it.

pornel 3 days ago | parent [-]

DANE is a TLS with too-big-to-fail CAs that are tied to the top-level domains they own, and can't be replaced.

Separation between CAs and domains allows browsers to get rid of incompetent and malicious CAs with minimal user impact.

ryao 2 days ago | parent [-]

DANE lets the domain owner manage the certificates issued for the domain.

pornel a day ago | parent [-]

This delegation doesn't play the same role as CAs in WebPKI.

Without DNSSEC's guarantees, the DANE TLSA records would be as insecure as self-signed certificates in WebPKI are.

It's not enough to have some certificate from some CA involved. It has to be a part of an unbroken chain of trust anchored to something that the client can verify. So you're dependent on the DNSSEC infrastructure and its authorities for security, and you can't ignore or replace that part in the DANE model.