redsolver | 5 years ago

With technologies like DNSSEC, the authenticity of every record down from the root-level can be verified (SkyDroid doesn't do this yet). If you want total security and don't trust the root servers, you can use a Handshake domain name which basically moves the root zone to a blockchain and prevents unauthorized modifications.

An additional concept I considered is that DNS lookups are quite cheap, so your client could just ask 10 different DoH servers for a domain and validate that they all return the same response.

dane-pgp | 5 years ago

Thanks for the response!

It would be great if SkyDroid indicated to the user whether they were trusting the root servers or just the server providing the DNS (with no DNSSEC), but I suppose most users wouldn't be able to make practical use of that information.

I don't know what the security assumptions of Handshake domain lookups are. Does the client have to download the whole blockchain, or is there some lightweight proof that the client can receive from one semi-trusted entity, which is immune to replay attacks?

The idea of asking 10 different DNS-over-HTTPS servers for the same result is an excellent hack, as long as there is a careful balance between availability and integrity (i.e. a couple of colluding bad servers can't stop a quorum of good servers from providing a consensus answer).
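An added illustration of the multi-resolver quorum idea discussed in this thread; it is not part of either comment and is not SkyDroid code. It assumes up to `max_faulty` resolvers may lie or withhold replies, uses hypothetical resolver names `r1`..`r5`, and works on constructed replies instead of live DoH queries.

```python
from collections import Counter

def normalize(answer):
    """Canonical form of one resolver's reply; None means error or timeout.
    TTL and record order are ignored: they legitimately differ between caches."""
    if answer is None:
        return None
    return frozenset((name.rstrip(".").lower(), rtype.upper(), data)
                     for name, rtype, data, _ttl in answer)

def quorum_answer(responses, max_faulty):
    """responses maps resolver -> list of (name, type, data, ttl), or None.
    Returns (records, dissenters); records is None when there is no consensus."""
    if len(responses) < 2 * max_faulty + 1:
        # With fewer resolvers, the faulty ones could block every quorum.
        raise ValueError("need at least 2*max_faulty + 1 resolvers")
    threshold = max_faulty + 1  # any quorum then contains an honest resolver
    canon = {r: normalize(a) for r, a in responses.items()}
    votes = Counter(v for v in canon.values() if v is not None)
    winners = [rrset for rrset, n in votes.items() if n >= threshold]
    if len(winners) != 1:
        # Nothing reached quorum, or two different sets did: fail closed.
        return None, sorted(canon)
    dissenters = sorted(r for r, v in canon.items() if v != winners[0])
    return sorted(winners[0]), dissenters

# Constructed sample replies (not real DNS data).
GOOD = [("example.org.", "TXT", "constructed-good-value", 300)]
GOOD_CACHED = [("Example.ORG", "txt", "constructed-good-value", 60)]
OTHER = [("example.org.", "TXT", "constructed-other-value", 300)]
FORGED = [("example.org.", "TXT", "constructed-forged-value", 300)]

def scenarios():
    """Three cases with five resolvers, two of which may be faulty."""
    forged = {"r1": GOOD, "r2": GOOD_CACHED, "r3": GOOD,
              "r4": FORGED, "r5": FORGED}
    withheld = {"r1": GOOD, "r2": GOOD_CACHED, "r3": GOOD,
                "r4": None, "r5": None}
    split = {"r1": GOOD, "r2": GOOD, "r3": OTHER,
             "r4": FORGED, "r5": FORGED}
    return {name: quorum_answer(resp, max_faulty=2)
            for name, resp in (("forged", forged), ("withheld", withheld),
                               ("split", split))}

if __name__ == "__main__":
    for name, (records, dissenters) in scenarios().items():
        print(name, records, dissenters)
```

The `split` case shows the availability cost: when honest resolvers legitimately disagree (for example geo-dependent answers), no set reaches the quorum and the lookup fails closed.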