Web security: DANE/TLSA

Fourth post in the web security series.

So now you are really sure your user's web browser made a secure connection to your server thanks to DNSSEC, HTTPS and HPKP, right?

But what about it's the first time the user is connecting to your server (so it doesn't know your key) on an open Wi-Fi access point controller by an attacker who also has access to a CA? The attacker could do a MITM attack by removing the HPKP header you send and generating a certificate for your domain.

What to do then? DANE!

DANE basically get rid of CAs and extends DNSSEC to provide the certificate verification directly from the DNS in a TLSA record.

Again, this is not widely deployed yet, there is a DANE add-on for Firefox (the same add-on that is used for DNSSEC).

Manually generate the certificate hash to put in the TLSA record

$ openssl x509 -in test.crt -outform DER | openssl sha256

Notes

• How to create TLSA entries
• TLSA generator