Unless I'm misreading the domain history, this domain was (and is) DNSSEC signed and that did not prevent the takeover. The attacker's move is to hijack the HTTP endpoints instead of DNS servers, get the cert through HTTP upload verification, and then MiTM.
Quote Tweet
Replying to @danielcormier and @campuscodi
Good question. With BGP hijack in progress, seems the hackers were able to obtain a valid TLS cert for developers.kakao.com, see crt.sh/?q=developers. (now revoked).
DANE would not prevent this kind of attack. Nor would it materially prevent later re-use of the certificate. If the attacker can control a victim's routing, then they can pivot to the HTTPS IPs anyway. WebPKI revocation is what helps here.
I say all this because DNSSEC proponents make claims about DANE being useful against BGP hijacks, but that usefulness is very limited and reliant on old attacker tactics that seem to have changed.
Not clear why you're talking about DANE. They don't use it and the clients don't use it. DNSSEC doesn't imply DANE. DNSSEC by itself is not a substitute for WebPKI and doesn't make WebPKI secure. CAA and accounturi exist and could make it less bad via DNSSEC. That's not DANE.
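The last reply's point about CAA with the accounturi parameter, as an added illustration that is not from anyone in the thread: a small evaluator of CAA "issue"/"issuewild" records following RFC 8659 and the RFC 8657 accounturi binding, so that a CA would refuse a request from any ACME account other than the one the domain owner pinned, even if the attacker can pass HTTP validation. The CA domain, account URI and record set below are constructed placeholders.

```python
"""Evaluate CAA records (RFC 8659) with the ACME accounturi parameter (RFC 8657).

The records, CA name and account URI used here are constructed examples;
a real check fetches the CAA set for the name (climbing to parent names)
through a DNSSEC-validating resolver before evaluating it.
"""
from dataclasses import dataclass

CRITICAL_FLAG = 128           # RFC 8659 "issuer critical" bit
KNOWN_TAGS = {"issue", "issuewild", "iodef"}


@dataclass(frozen=True)
class CAARecord:
    flags: int
    tag: str
    value: str


def parse_caa_value(value: str):
    """Split 'issuer-domain; key=val; ...' into (issuer, {key: val})."""
    parts = [p.strip() for p in value.split(";")]
    params = {}
    for p in parts[1:]:
        if p:
            k, _, v = p.partition("=")
            params[k.strip().lower()] = v.strip()
    return parts[0].lower(), params


def issuance_allowed(records, ca_domain, account_uri=None, wildcard=False):
    """True if ca_domain may issue for the name owning `records`.

    With no issue/issuewild records present, any CA may issue. Otherwise the
    CA must be listed, and if that entry carries accounturi=..., the request
    must come from exactly that ACME account (RFC 8657), so a certificate
    requested from a hijacker's freshly registered account is refused.
    """
    # An unknown tag flagged critical means the CA must not issue at all.
    if any(r.flags & CRITICAL_FLAG and r.tag.lower() not in KNOWN_TAGS for r in records):
        return False
    tag = "issuewild" if wildcard else "issue"
    relevant = [r for r in records if r.tag.lower() == tag]
    if wildcard and not relevant:            # issuewild absent: fall back to issue
        relevant = [r for r in records if r.tag.lower() == "issue"]
    if not relevant:
        return True
    for r in relevant:
        issuer, params = parse_caa_value(r.value)
        if issuer != ca_domain.lower():
            continue                          # a bare ';' value matches no CA
        pinned = params.get("accounturi")
        if pinned is None or pinned == account_uri:
            return True
    return False


# Constructed record set: one CA allowed, pinned to one ACME account; no wildcards.
CONSTRUCTED_RECORDS = [
    CAARecord(0, "issue", "ca.example; accounturi=https://acme.ca.example/acct/123456"),
    CAARecord(0, "issuewild", ";"),
    CAARecord(0, "iodef", "mailto:security@example.com"),
]
```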